[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [pkix] CA Testing - how to ?

From: Paul Hoffman <phoffman at imc.org>
To: Ogle Ron <ron.ogle at thomson.net>, "openca at acm.org" <openca at acm.org>, pkix <ietf-pkix at imc.org>
Date: Tue, 17 Nov 2009 13:45:56 -0800
In-reply-to: <C7287F97.2509A%ron.ogle at thomson.net>
References: <C7287F97.2509A%ron.ogle at thomson.net>
List-id: PKIX Working Group <pkix.ietf.org>

At 4:28 PM -0500 11/17/09, Ogle Ron wrote:
>BTW, for development and testing purposes, DOCSIS defines a separate PKI.
>This way there is no problem with knowing what is test and what is
>production.

This seems like the safest way to go: issue all test certificates under a root that no one has, so they can't trust it by accident.

References:
- Re: [pkix] CA Testing - how to ?
  - From: Ogle Ron

Prev by Date: Re: [pkix] CA Testing - how to ?
Next by Date: Re: [pkix] CA Testing - how to ?
Previous by thread: Re: [pkix] CA Testing - how to ?
Next by thread: Re: [pkix] CA Testing - how to ?
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.