Menu
▾
▴
[OpenCA-announce] OpenCA v0.8.0 -- Released (2 Nov 2001)
|
From: <ope...@li...> - 2001-11-02 15:27:04
|
OpenCA Project Overview:
========================
The OpenCA Project is a collaborative effort to develop a robust,
full featured and Open Source out-of-the-box Certification Authority
implementing the most used protocols with full-strength cryptography
world-wide. OpenCA is based on many Open Source Projects. Among the
supported software is OpenLDAP, OpenSSL, Apache Project's httpd,
mod_ssl.
The project development is divided into two main tasks: studying
and refining the security scheme that guarantees the best model to
be used in a CA and developing software to easily setup and manage
a Certification Authority.
Project Status:
===============
OpenCA version 0.9.0 Status: Developing
OpenCA version 0.8.0 Status: Released 02 Nov 2001
OpenCA version 0.6.0 Status: [ Never Released ]
OpenCA version 0.2.0 Status: Released 16 Nov 1999
OpenCA Current features:
========================
o Certification Authority can now import requests, list certificate
requests, export certs, archive requests, view archived requests,
delete requests, issue certificates, verify RA operator identity,
export CRL;
o Registration Authorities Server can list pending/deleted/archived
requests, approve requests, export requests to removable media,
import new certs from removable media, import CRLs, export CA
certificate to LDAP, export CRLs to LDAP, initialize LDAP, export
client certificates to LDAP;
o Public server can list pending requests, accept PKCS#10 certification
requests, accept SPKAC certification requests, accept IE certification
requests, deliver issued certificates to users, deliver issued CRLs
to users, display CRLs, list users' certificates;
OpenCA differences to previous release (0.2.0):
===============================================
o Modularization process completed. OpenCA now uses a series of modules
to easily code organization and handling of pki related objects (such
as certificates, crl, requests, etc...).
o Added support for Internet Explorer for requesting certificates.
o Stripped off the EMAIL field from certificates (default behaviour,
this could be avoided by editing the email_in_dn parameter in the
provided openssl configuration file);
o Initial Certificate extensions management. Actually it is possible to
add new certificates profiles (using openssl extfiles). This gives
the possibility both to the RA Operator and to the CA Operator to
choose the certificate's profile to be used.
o Added support for managing DNs before approving a request.
o LDAP support included using new perl-ldap module over the Net-LDAPApi
one. We have decided to move to the perl-ldap module because of many
problems found when installing the old Net-LDAPApi module as this is
no more supported and incompatibility issues arise with openldap 2.xx
versions.
o DB backend support added for PKI related objects. The DB backend
currently has support for file-based DBMs and for SQL DBMs (mySql,
Oracle, DB2, Postgres).
o DBMs backend initialization is web-based both on the RAServer and
on the CA.
o Installation now uses autoconf scripts. The autoconf script usage
is aimed towards the easy of the installation process on different
platforms.
o Enabled RA Operator's signature verification before issuing the new
certificate (uses the openca-verify command of the OpenCA-SV package).
o Bugfixing.
References:
===========
The OpenCA Project main website can be found at http://www.openca.org (or
at http://openca.sourceforge.net). You can find all current versions and
available documentation there.
You can also download any part of the software or documentation also at the
official ftp site:
ftp://ftp.openca.org
ftp://openca.sourceforge.net/pub/openca (soon removed)
or from one of the official mirrors:
http://www.openca.org/openca/mirrors.shtml
OpenCA Developers Group
--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] ma...@cp...
ma...@op...
ma...@ha...
http://www.openca.org Tel.: +39 (0)59 270 094
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
|