Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Question of Digital Certificate.........Thank you!

Posted on 2002-03-27
8
151 Views
Last Modified: 2010-04-11
Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
Comment
Question by:secret_boy
  • 3
  • 3
  • 2
8 Comments
 
LVL 24

Expert Comment

by:SunBow
ID: 6901158
Simple enough,
Fill out application, and pay up, you get one.
Know that there is more than one kind, depending on the level of security desired. For example, you'd need to be findable (business, solid, good address, etc), and even visit in person and more to get improvements in certification.

> once it is issued by the CA?

once issued, no change other than delete, or rather "revoke"

> by the browser so that it may be less secure?

hmmm, ever notice on browser for one mfr.... that it has a checkbox for (adlib) "notify me of revocations", with default yes....... however, other option "check for revocation" has default = No. So since it does NOT check, you will never be notified.

You tell me now, is that a feature for desired speed-up of browser functions or is it... (quoting your last words:) "so that it may be less secure? "
0
 

Author Comment

by:secret_boy
ID: 6901489
Would you explain more, how the passphrase is cached?
in cookies? in other way?

If the passphrase can't be changed, but the user really wants to... the only way is re-apply a cert?


Thx.
0
 

Author Comment

by:secret_boy
ID: 6904851
Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 3

Expert Comment

by:FlamingSword
ID: 6916755
> unchangable once it is issued by the CA?

yes. (ditto)
To change, the original is invalidated, never reused.
Also referred to as 'revoked'
You can get another.
0
 
LVL 3

Expert Comment

by:FlamingSword
ID: 6916763
You are probably best served by reviewing NetScape's literature on SSL, for they pretty much put it all together in a way the can work. More or less, founding father that way.

But more up to date can be had from the vendors. Here is one popular one, that may help you understand better what you are looking for than I:

http://www.entrust.net/products/certadmin/certadmin_guide.htm
0
 
LVL 24

Accepted Solution

by:
SunBow earned 300 total points
ID: 6916770
(per what-is):
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a message) or in an encryption or a decryption of a message. For example, Phil Zimmermann's popular encryption program, Pretty Good Privacy, requires a passphrase when you sign or decrypt a message. Passphrases are often up to 100 characters in length.
0
 
LVL 3

Expert Comment

by:FlamingSword
ID: 6916787
Another vendor (long technical document) at:
http://www.verisign.com/repository/cps20/cps20.doc
0
 
LVL 24

Expert Comment

by:SunBow
ID: 6916790
Another useful link:
http://world.std.com/~reinhold/dir/diceware.html

Note that whatever program it is you use, it should not be capable to 'remember' the phrase, as that defeats the purpose, being akin to a security hole as you allude to. It should be available for duration of forming key, not after.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question