Solved

Question of Digital Certificate.........Thank you!

Posted on 2002-03-27
8
148 Views
Last Modified: 2010-04-11
Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
Comment
Question by:secret_boy
  • 3
  • 3
  • 2
8 Comments
 
LVL 24

Expert Comment

by:SunBow
Comment Utility
Simple enough,
Fill out application, and pay up, you get one.
Know that there is more than one kind, depending on the level of security desired. For example, you'd need to be findable (business, solid, good address, etc), and even visit in person and more to get improvements in certification.

> once it is issued by the CA?

once issued, no change other than delete, or rather "revoke"

> by the browser so that it may be less secure?

hmmm, ever notice on browser for one mfr.... that it has a checkbox for (adlib) "notify me of revocations", with default yes....... however, other option "check for revocation" has default = No. So since it does NOT check, you will never be notified.

You tell me now, is that a feature for desired speed-up of browser functions or is it... (quoting your last words:) "so that it may be less secure? "
0
 

Author Comment

by:secret_boy
Comment Utility
Would you explain more, how the passphrase is cached?
in cookies? in other way?

If the passphrase can't be changed, but the user really wants to... the only way is re-apply a cert?


Thx.
0
 

Author Comment

by:secret_boy
Comment Utility
Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
 
LVL 3

Expert Comment

by:FlamingSword
Comment Utility
> unchangable once it is issued by the CA?

yes. (ditto)
To change, the original is invalidated, never reused.
Also referred to as 'revoked'
You can get another.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 3

Expert Comment

by:FlamingSword
Comment Utility
You are probably best served by reviewing NetScape's literature on SSL, for they pretty much put it all together in a way the can work. More or less, founding father that way.

But more up to date can be had from the vendors. Here is one popular one, that may help you understand better what you are looking for than I:

http://www.entrust.net/products/certadmin/certadmin_guide.htm
0
 
LVL 24

Accepted Solution

by:
SunBow earned 300 total points
Comment Utility
(per what-is):
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a message) or in an encryption or a decryption of a message. For example, Phil Zimmermann's popular encryption program, Pretty Good Privacy, requires a passphrase when you sign or decrypt a message. Passphrases are often up to 100 characters in length.
0
 
LVL 3

Expert Comment

by:FlamingSword
Comment Utility
Another vendor (long technical document) at:
http://www.verisign.com/repository/cps20/cps20.doc
0
 
LVL 24

Expert Comment

by:SunBow
Comment Utility
Another useful link:
http://world.std.com/~reinhold/dir/diceware.html

Note that whatever program it is you use, it should not be capable to 'remember' the phrase, as that defeats the purpose, being akin to a security hole as you allude to. It should be available for duration of forming key, not after.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now