Walt,
Do you mean that there are difficulties to access through LDAP an Active
Directory, as you want to read or use X509 certificates ?
By the way,does somebody know issues about Active Directory LDAP, or issues to
read a certificate in an Active Directory ?
For me it would be a mistake to use now the "brand new" Active Directory, but
if someone could tell me where I can find proofs of lack of compatibility (from
Microsoft, there must be surely one of two), this would interrest me.
Laurent
walter(_dot_)williams%genuity(_dot_)com(_at_)Internet
11/05/2000 14:54
To: Laurent Deffranne/GKBCCB(_at_)GKBCCB,
ietf-smime%imc(_dot_)org(_at_)Internet
cc:
Subject: RE: Does Smime works fine with Windows 2000 PKI
Laurent;
Yes, certs issued from a W2K CA can be used for S/MIME, and no less so than
certs issued from Baltimore, Iplanet or any other CA vendor or product. The
main issue is not will they work, but will you be able to validate the
certs. Unless the person issuing the cert from W2K has provided you with
their server's cert, or they have certified their CA with the signature of
the publicly known CAs you will not be able to easily verify the signature
to its source. This is not the most technically acurate way of saying this
but I'm not awake yet. Baltimore has preregistered there CA with the
vendors distributing products, as has Verisign, Thaught, and many others.
Just make certain that you have the certificates for the W2K CA, and access
to its revocation list so you can validate properly and you'll be fine.
Walt Williams
TSD-Systems
Senior IT Analyst
Genuity
www.genuity.com
Please note: GTE Internetworking is now Genuity.
-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Laurent
Deffranne
Sent: Thursday, May 11, 2000 5:45 AM
To: ietf-smime
Subject: Does Smime works fine with Windows 2000 PKI
Hi everybody,
Just a question :
Is there any known issues using S/MIME with Win2000PKI-certificates ?
More generally, are Win2000 certificates usable with (and
understood by ) the others mailers (especially Lotus Notes,
Netscape, Eudora +plug-in?)
Isn't Baltimore Unicert a "better choice" due to its greater
compatibility ?
Any advices are welcome.
Regards,
Laurent Deffranne
Walter B Williams.vcf
Description: Walter B Williams.vcf