On 9 Jan 2004, at 20:33, Paul Jakma wrote:
> Hmm... no, I mean a certificate signed by a key which itself has its
> cert signed by a CA.
You can't, as a rule. The certificates issued by CAs have the "can be
used to sign other certs" bit turned off. Each certificate has a list
of valid purposes; this is one of them, and commercial CAs are always
very careful to turn it off in certs they issue.
Colm
--
Colm Buckley / colm at google.com / +353 87 2469146
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
