[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Who generates AOCE keys?



In the software I used (as recently as last Thursday) the keys are
_absolutely_, _positively_ generated locally.  Subsequently the public key
can be mailed automagically to RSADSI to be incorporated into a certificate
which is returned to you.  The latest version of RIPEM Mac uses the same
procedure for the same functionality.

  >>[...] users will get certified keys from RSA [...]

Yes!  _After_ sending RSADSI an uncertified key.


  >>[the user] can generate a key for use on their network

This is the uncertified key.


  >>Apple believes you'll want publically certified keys

Thus, they provide a mechanism to get RSADSI to certify your (self
generated) key.


Scott Collins         | "Few people realize what tremendous power there
                      |  is in one of these things."     -- Willy Wonka
......................|................................................
BUSINESS.   voice:408.862.0540  fax:974.6094   [email protected]
Apple Computer, Inc.   1 Infinite Loop, MS 301-2C   Cupertino, CA 95014
.......................................................................
PERSONAL.   voice/fax:408.257.1746    1024:669687   [email protected]