Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 159
  • Last Modified:

Question of Digital Certificate.........Thank you!

Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
secret_boy
Asked:
secret_boy
  • 3
  • 3
  • 2
1 Solution
 
SunBowCommented:
Simple enough,
Fill out application, and pay up, you get one.
Know that there is more than one kind, depending on the level of security desired. For example, you'd need to be findable (business, solid, good address, etc), and even visit in person and more to get improvements in certification.

> once it is issued by the CA?

once issued, no change other than delete, or rather "revoke"

> by the browser so that it may be less secure?

hmmm, ever notice on browser for one mfr.... that it has a checkbox for (adlib) "notify me of revocations", with default yes....... however, other option "check for revocation" has default = No. So since it does NOT check, you will never be notified.

You tell me now, is that a feature for desired speed-up of browser functions or is it... (quoting your last words:) "so that it may be less secure? "
0
 
secret_boyAuthor Commented:
Would you explain more, how the passphrase is cached?
in cookies? in other way?

If the passphrase can't be changed, but the user really wants to... the only way is re-apply a cert?


Thx.
0
 
secret_boyAuthor Commented:
Is the passphrase unchangable once it is issued by the CA?

Will the passphrase cached(optionally?) by the browser so that it may be less secure?
If so, how the passphrase is cached? in cookies? in other way?
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
FlamingSwordCommented:
> unchangable once it is issued by the CA?

yes. (ditto)
To change, the original is invalidated, never reused.
Also referred to as 'revoked'
You can get another.
0
 
FlamingSwordCommented:
You are probably best served by reviewing NetScape's literature on SSL, for they pretty much put it all together in a way the can work. More or less, founding father that way.

But more up to date can be had from the vendors. Here is one popular one, that may help you understand better what you are looking for than I:

http://www.entrust.net/products/certadmin/certadmin_guide.htm
0
 
SunBowCommented:
(per what-is):
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a message) or in an encryption or a decryption of a message. For example, Phil Zimmermann's popular encryption program, Pretty Good Privacy, requires a passphrase when you sign or decrypt a message. Passphrases are often up to 100 characters in length.
0
 
FlamingSwordCommented:
Another vendor (long technical document) at:
http://www.verisign.com/repository/cps20/cps20.doc
0
 
SunBowCommented:
Another useful link:
http://world.std.com/~reinhold/dir/diceware.html

Note that whatever program it is you use, it should not be capable to 'remember' the phrase, as that defeats the purpose, being akin to a security hole as you allude to. It should be available for duration of forming key, not after.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now