| View Question |
|
|
 | ||
|
| Subject:
How to create extensions for x509 certificates to be used for delegating rights
Category: Computers > Security Asked by: johnnytriumph-ga List Price: $30.00 |
Posted:
14 Dec 2005 06:59 PST
Expires: 23 Dec 2005 02:29 PST Question ID: 605701 |
how do I use OpenSSL to create new extensions for x509 certificates to be used for delegating privileges? Example: Person A has a certificate which provides him with read/write privileges to a specific folder on a ftp-server. Persons B and C have no privileges on the server. Person A issues and signs a new certificate to Person B and in doing so, provides Person B with read-only privileges to the same folder. Person A issues and signs a new certificate to Person C and in doing so, provides Person C with read-and-write privileges to the same folder. The extensions should contain strings with "roles/privileges" and "delegation constraints" for example if Person B should have the privilege to delegate the "read-only" rights to a new party but Person C should not have that privilege. The server side should be able to look at the certificates from Persons A, B or C, validate them and determine from the extensions-content what rights (if any) the persons should have for any possible requests. |
| ||
|
| There is no answer at this time. |
| ||
|
| There are no comments at this time. |
If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you. |
| Search Google Answers for |
| Google Home - Answers FAQ - Terms of Service - Privacy Policy |