On söndag, jul 13, 2003, at 10:48 Europe/Stockholm, Kurt Erik Lindqvist wrote:
In APNIC we use X.509 certificate to secure MyAPNIC (similar to LIR Portal). Having X.509 auth in the whois db would make a better integration with this facility.
Is this then being widely used? No issues with client support and configurations?
Do you have your own root-CA, or do you use someone else? If you have your own, how do you distribute the certificate?
paf
Hi Patrik, Yes we run our own root-CA, and the first step is for the client to install APNIC root CA in its trusted root store. We're using the OpenCA software (www.openca.org) and modify it to suit our purpose. When we issue a certificate, an e-mail containing download url + instruction is sent to the requestor. Cheers, Sanjaya