Timeline for answer to Why don't CAs sell certificates as files, instead of hardware or as a service? by Josef
Current License: CC BY-SA 4.0
Post Revisions
7 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Apr 9, 2019 at 13:38 | comment | added | vidarlo | A certificate authority depends on context. I'm my own CA when it comes to signing kernel modules for my laptop. | |
| Apr 9, 2019 at 12:32 | comment | added | Seb | I have a list of requirements for the different key pairs I need to obtain. Some are very specific (And in those cases easy for me to obtain so they don't fall under the questions I'm asking here) some are more vague. One simply has the requirement that the certificate be signed by a CA. Absolutely no mention of what standards it must conform to, etc. It's possible that the requirements I'm being given are insufficient and that this is leading to some of my confusion... | |
| Apr 9, 2019 at 12:26 | comment | added | Josef | @Seb this could be another question. Basically a CA confirms to rules (e.g. AATL) and is audited by another company to check that they actually follow this rules. Based on that, the creator of the rules (e.g. Adobe) trusts the certificates signed by the CA. If you don't want Adobe to trust your certificate, why do you need a CA? Or in other words: A CA is just some entity that is agreeing to sign a public key! Just one entity that a lot of other people choose to trust. | |
| Apr 9, 2019 at 12:24 | comment | added | Seb | What exactly makes a CA a CA, rather than just some entity that is agreeing to sign a public key? If a company wanted to sign their own keys, what would make them a CA signing their own keys, vs just a self-signed certificate? Or is there no difference? | |
| Apr 9, 2019 at 12:12 | comment | added | Josef | My personal CA I created just moments ago will happily sign it! Or are there maybe any other requirements you have but didn't tell us? | |
| Apr 9, 2019 at 12:07 | comment | added | Seb | I don't care about AATL at all. I have a certificate that I have already generated, and I would like to purchase a signature for it from a CA, but I cannot find one. Do you know a CA that will sign a certificate without requiring it to exist on secure hardware. | |
| Apr 9, 2019 at 11:52 | history | answered | Josef | CC BY-SA 4.0 |