[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: certificate server

----- Original Message ----- 
From: "Rick Moen" <rick@linuxmafia.com>
To: <debian-security@lists.debian.org>
Sent: Tuesday, November 04, 2003 11:50 AM
Subject: Re: certificate server


> Quoting Jeff (debian0309@aquabolt.com):
>
> > The use of Client is confusing - you actually appear to be generating
> > what I would call a self-signed server certificate for installation on
> > one specific webserver. This is for authenticating this signel Server
> > to clients that browse your website using HTTPS.
>
> That happens to explicitly _be_ the entire context of the article.  I
> have a difficult time believing that anyone could be confused by it:
> The reader would basically have to be ignoring important parts of the text.
>

mmm - so the narrative talks about SERVER certs but the actual commands use
CLIENT... the SERVER key, csr and crt are called Client.key Client.csr
Client.crt - wouldn't it just be clearer to call them Server.key Server.csr and
Server.crt?

Lots of people get server and client certs mixed up - maybe this is a change to
be pedantically clear?

What happens when documentation [yours or someone else's] switches to talking
about Client certificates?

Our naming standard is actually
  www.xxx.com.key
  www.xxx.com.csr
  www.xxx.com.crt

which means that there is absolutely no confusion when running lots of HTTPS on
the same server.

Anyway, not a big issue 8-)

Regards
Jeff
Reply to: