|
|
Signature, certificate...
|
|
|
|
Lorca
|
|
This keychain stuff is cool, but I haven't figured out what to do with a Verisign certificate. I used Netscape to get a personnal certificate (60 days free offer from verisign), it installed itself in Netscape. I use the export function to export this certificate. I just drag the resulting ".p12" file to the Keychain Access windows and bam! it accepted it... I now have a personnal certificate in my keychain, and a Verisign certificate, and a Verisign root certificate.
Once they are there what do I do with them? There's nothing to "sign" document, or compress for somebody else (� la pgp)? There's this Encrypt function, but it does not use the certificate, there's this Apple Verifier, but nothing to "sign" the documents...
anyone knows more about this?
|
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Oct 1999
Status:
Offline
|
|
|
|
|
|
|
|
|
|
|
Lorca
|
|
And how "in real life" do you get a private key and sign a document?
|
|
|
|
|
|
|
|
|
Cyphers
|
|
I think there's an SDK from Apple to sign a file. It's really for developers to sign files so that users can verify them as coming from the developers -- as long as they have MacOS 9. Your average user is not expected to go through the massive PITA (usually requiring you to spend money) to get an X.509 cert and drag that file to Netscape.
CDSA is a dead API that has been around for years languishing. Only Apple is using it in a major software product. You can rest assured Microsoft will never use it. It's not like OpenGL where suddenly a bunch of games can now be easily ported to MacOS. Lots of major software uses OpenGL. Nothing uses CDSA. Also given that the only deployment of CDSA so far by Apple is weak-crypto only (40 or 56 bit, not sure which one they used, both are useless), the API is now polluted with weak implementations making it essentially impossible for developers to use it for anything serious.
I doubt any developers want to stamp "MacOS 9 Only" on their box, and developers who don't want to do that can PGP-sign their files as lots of people (including Apple itself) have been doing for many years.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|