pyCA 20031118 review
DownloadpyCA tries to make it easier for people to set up and run a organizational certificate authority which fulfills the need for a fairly
|
|
pyCA tries to make it easier for people to set up and run a organizational certificate authority which fulfills the need for a fairly secure certification processing.
The usage of cryptographic techniques promises secure usage of Internet services concerning authentication of clients and servers and authorized access to sensitive data. During the last two years it turned out that X.509 certificates, SSL and S/MIME are the relevant, widely adopted cryptographic standards for securing various Internet services like WWW, Mail, etc.
However these standards require to set up a working X.509-based PKI (pulic key infrastructure). Although there is a quite lot of documentation and some example software for setting up a primitive PKI with an own certificate authority with the free package OpenSSL it seems that this task is not easy for most people.
There is a lot of discussion on various mailing-lists, e.g. how to generate self-signed CA certificates, generate certificate requests with the famous WWW browsers and how to provide client certificates / certificate revocation lists for download, etc. Additionally if the certification business of an organization gets only a little bit more serious one has to take care about critical security issues.
pyCA 20031118 search tags