Bug 5541 – grid-cert-request scripts should not require CA email

Bug 5541 - grid-cert-request scripts should not require CA email

Summary:

grid-cert-request scripts should not require CA email

Status:	NEW

Product:	Simple CA
Component:	Simple CA
Version:	4.0.5
Platform:	All Linux

Importance:	P3 enhancement
Target Milestone:	---
Assigned To:	Joe Bester

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2007-09-10 11:18 by Rachana Ananthakrishnan
Modified:	2008-08-11 15:51 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Rachana Ananthakrishnan 2007-09-10 11:18:29

As suggested on the mailing list,
http://www.globus.org/mail_archive/gt-user/2007/09/msg00063.html, there is no
reason for the SimpleCA scripts to require a CA email address. With other
mechanisms to transport the public key for CA signing, the script should merely
generate the request and suggest the user follow CA's instructions for
obtaining certificate.

------- Comment #1 From Olivier Ricou 2007-09-10 16:03:48 -------

I cannot see any vital reason to ask for the CA to make user or host keys ?

I want grid-cert-request to make the private key and the
request, nothing else. I can understand it may help users to
get a message about sending the right file to the right mail
address, but we should have an option to avoid that.

I can imagine a user making his own keys without having the CA on his computer.
For the fun:

% grid-cert-request -help
Can't find valid CA config files. Please make sure
that you have installed and setup a CA setup package.

------- Comment #2 From Rachana Ananthakrishnan 2007-09-10 16:19:18 -------

Changed configuration based on user's request