Question of Digital Certificate.........Thank you!

Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
secret_boyAsked:
Who is Participating?
 
SunBowConnect With a Mentor Commented:
(per what-is):
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a message) or in an encryption or a decryption of a message. For example, Phil Zimmermann's popular encryption program, Pretty Good Privacy, requires a passphrase when you sign or decrypt a message. Passphrases are often up to 100 characters in length.
0
 
SunBowCommented:
Simple enough,
Fill out application, and pay up, you get one.
Know that there is more than one kind, depending on the level of security desired. For example, you'd need to be findable (business, solid, good address, etc), and even visit in person and more to get improvements in certification.

> once it is issued by the CA?

once issued, no change other than delete, or rather "revoke"

> by the browser so that it may be less secure?

hmmm, ever notice on browser for one mfr.... that it has a checkbox for (adlib) "notify me of revocations", with default yes....... however, other option "check for revocation" has default = No. So since it does NOT check, you will never be notified.

You tell me now, is that a feature for desired speed-up of browser functions or is it... (quoting your last words:) "so that it may be less secure? "
0
 
secret_boyAuthor Commented:
Would you explain more, how the passphrase is cached?
in cookies? in other way?

If the passphrase can't be changed, but the user really wants to... the only way is re-apply a cert?


Thx.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
secret_boyAuthor Commented:
Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
 
FlamingSwordCommented:
> unchangable once it is issued by the CA?

yes. (ditto)
To change, the original is invalidated, never reused.
Also referred to as 'revoked'
You can get another.
0
 
FlamingSwordCommented:
You are probably best served by reviewing NetScape's literature on SSL, for they pretty much put it all together in a way the can work. More or less, founding father that way.

But more up to date can be had from the vendors. Here is one popular one, that may help you understand better what you are looking for than I:

http://www.entrust.net/products/certadmin/certadmin_guide.htm
0
 
FlamingSwordCommented:
Another vendor (long technical document) at:
http://www.verisign.com/repository/cps20/cps20.doc
0
 
SunBowCommented:
Another useful link:
http://world.std.com/~reinhold/dir/diceware.html

Note that whatever program it is you use, it should not be capable to 'remember' the phrase, as that defeats the purpose, being akin to a security hole as you allude to. It should be available for duration of forming key, not after.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.