Solved

Question of Digital Certificate.........Thank you!

Posted on 2002-03-27
8
152 Views
Last Modified: 2010-04-11
Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
Comment
Question by:secret_boy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 24

Expert Comment

by:SunBow
ID: 6901158
Simple enough,
Fill out application, and pay up, you get one.
Know that there is more than one kind, depending on the level of security desired. For example, you'd need to be findable (business, solid, good address, etc), and even visit in person and more to get improvements in certification.

> once it is issued by the CA?

once issued, no change other than delete, or rather "revoke"

> by the browser so that it may be less secure?

hmmm, ever notice on browser for one mfr.... that it has a checkbox for (adlib) "notify me of revocations", with default yes....... however, other option "check for revocation" has default = No. So since it does NOT check, you will never be notified.

You tell me now, is that a feature for desired speed-up of browser functions or is it... (quoting your last words:) "so that it may be less secure? "
0
 

Author Comment

by:secret_boy
ID: 6901489
Would you explain more, how the passphrase is cached?
in cookies? in other way?

If the passphrase can't be changed, but the user really wants to... the only way is re-apply a cert?


Thx.
0
 

Author Comment

by:secret_boy
ID: 6904851
Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Expert Comment

by:FlamingSword
ID: 6916755
> unchangable once it is issued by the CA?

yes. (ditto)
To change, the original is invalidated, never reused.
Also referred to as 'revoked'
You can get another.
0
 
LVL 3

Expert Comment

by:FlamingSword
ID: 6916763
You are probably best served by reviewing NetScape's literature on SSL, for they pretty much put it all together in a way the can work. More or less, founding father that way.

But more up to date can be had from the vendors. Here is one popular one, that may help you understand better what you are looking for than I:

http://www.entrust.net/products/certadmin/certadmin_guide.htm
0
 
LVL 24

Accepted Solution

by:
SunBow earned 300 total points
ID: 6916770
(per what-is):
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a message) or in an encryption or a decryption of a message. For example, Phil Zimmermann's popular encryption program, Pretty Good Privacy, requires a passphrase when you sign or decrypt a message. Passphrases are often up to 100 characters in length.
0
 
LVL 3

Expert Comment

by:FlamingSword
ID: 6916787
Another vendor (long technical document) at:
http://www.verisign.com/repository/cps20/cps20.doc
0
 
LVL 24

Expert Comment

by:SunBow
ID: 6916790
Another useful link:
http://world.std.com/~reinhold/dir/diceware.html

Note that whatever program it is you use, it should not be capable to 'remember' the phrase, as that defeats the purpose, being akin to a security hole as you allude to. It should be available for duration of forming key, not after.
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware continues to grow in reach and sophistication, putting data everywhere at risk. Learn how to avoid being caught in its sinister clutches with these 11 key tips.
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question