[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [pkix] CA Testing - how to ?

From: Massimiliano Pala <Massimiliano.Pala at Dartmouth.edu>
To: pkix at ietf.org
Date: Tue, 17 Nov 2009 16:47:22 -0500
In-reply-to: <C7287F97.2509A%ron.ogle at thomson.net>
References: <C7287F97.2509A%ron.ogle at thomson.net>
List-id: PKIX Working Group <pkix.ietf.org>

So how do you test that the production PKI works exactly as the test
PKI if they are two separate setup ? You just rely on the fact that the
configurations are the same ? Don't you have to assert the production
environment somehow ?

Thanks for sharing :)

Cheers,
Max


On 11/17/2009 04:28 PM, Ogle Ron wrote:

I issue certificates for DOCSIS certified Cable Modems.  I know that there
are several different CA software vendors who support these certificates.
The certs follow a well defined set of extensions and flag definitions.  We
interoperate fairly well.

BTW, for development and testing purposes, DOCSIS defines a separate PKI.
This way there is no problem with knowing what is test and what is
production.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: [pkix] CA Testing - how to ?
  - From: Stefan Santesson
- Re: [pkix] CA Testing - how to ?
  - From: max pritikin
- Re: [pkix] CA Testing - how to ?
  - From: Ogle Ron
- Re: [pkix] CA Testing - how to ?
  - From: Stephen Wilson

References:
- Re: [pkix] CA Testing - how to ?
  - From: Ogle Ron

Prev by Date: Re: [pkix] CA Testing - how to ?
Next by Date: Re: [pkix] CA Testing - how to ?
Previous by thread: Re: [pkix] CA Testing - how to ?
Next by thread: Re: [pkix] CA Testing - how to ?
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.