From: collins@newton.apple.com (Scott Collins)
Date: Tue, 7 Sep 93 12:26:42 PDT
To: greg@ideath.goldenbear.com (Greg Broiles)
Subject: Re: Who generates AOCE keys?
Message-ID: <9309071843.AA27927@newton.apple.com>
MIME-Version: 1.0
Content-Type: text/plain


In the software I used (as recently as last Thursday) the keys are
_absolutely_, _positively_ generated locally.  Subsequently the public key
can be mailed automagically to RSADSI to be incorporated into a certificate
which is returned to you.  The latest version of RIPEM Mac uses the same
procedure for the same functionality.

  >>[...] users will get certified keys from RSA [...]

Yes!  _After_ sending RSADSI an uncertified key.


  >>[the user] can generate a key for use on their network

This is the uncertified key.


  >>Apple believes you'll want publically certified keys

Thus, they provide a mechanism to get RSADSI to certify your (self
generated) key.


Scott Collins         | "Few people realize what tremendous power there
                      |  is in one of these things."     -- Willy Wonka
......................|................................................
BUSINESS.   voice:408.862.0540  fax:974.6094   collins@newton.apple.com
Apple Computer, Inc.   1 Infinite Loop, MS 301-2C   Cupertino, CA 95014
.......................................................................
PERSONAL.   voice/fax:408.257.1746    1024:669687   catalyst@netcom.com