Does there currently exist a system which permits webservers to restrict access to clients who have a given certification? What is the current certification practice? How easy is it to certify a given client? Are webserver certifications sufficently secure today? What are the best servers to use for secure web pages and certification currently in the United States? --- My preferred and soon to be permanent e-mail address:unicorn@schloss.li "In fact, had Bancroft not existed, potestas scientiae in usu est Franklin might have had to invent him." in nihilum nil posse reverti 00B9289C28DC0E55 E16D5378B81E1C96 - Finger for Current Key Information Opp. Counsel: For all your expert testimony needs: jimbell@pacifier.com
Does there currently exist a system which permits webservers to restrict access to clients who have a given certification?
Yup.
What is the current certification practice?
Use either VeriSign, or build your own CA.
How easy is it to certify a given client?
Rather easy, using XCert Sentry.
Are webserver certifications sufficently secure today?
"sufficiently" by whose definition?
What are the best servers to use for secure web pages and certification currently in the United States?
=) Stronghold: The Apache-SSL-US, coupled with XCert Sentry. What else? -- Sameer Parekh Voice: 510-601-9777x3 Community ConneXion, Inc. FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.net/ (or login as "guest") sameer@c2.net
On Thu, 6 Jun 1996 sameer@c2.org wrote:
Does there currently exist a system which permits webservers to restrict access to clients who have a given certification?
Yup.
I was hoping you'd chime in. How about for macs?
What is the current certification practice?
Use either VeriSign, or build your own CA.
"Build your own CA" ?
How easy is it to certify a given client?
Rather easy, using XCert Sentry.
Hmmm, how's it done? Included with the Apache package?
Are webserver certifications sufficently secure today?
"sufficiently" by whose definition?
Yours.
What are the best servers to use for secure web pages and certification currently in the United States?
=) Stronghold: The Apache-SSL-US, coupled with XCert Sentry. What else?
Got a marketing package around?
-- Sameer Parekh Voice: 510-601-9777x3 Community ConneXion, Inc. FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.net/ (or login as "guest") sameer@c2.net
--- My preferred and soon to be permanent e-mail address:unicorn@schloss.li "In fact, had Bancroft not existed, potestas scientiae in usu est Franklin might have had to invent him." in nihilum nil posse reverti 00B9289C28DC0E55 E16D5378B81E1C96 - Finger for Current Key Information Opp. Counsel: For all your expert testimony needs: jimbell@pacifier.com
I was hoping you'd chime in. How about for macs?
I think WebStar/SSL does SSL, but I don't know if it does client auth. I doubt it though. Netscape Navigator 3.0b4 does client auth, if you need a client that runs on a mac.
"Build your own CA" ?
Yeah, my package (and XCert Sentry) has stuff to let your build your own CA, for your own company, or whatever.
Hmmm, how's it done? Included with the Apache package?
Xcert Sentry is a seperate product, sold by a seperate company. http://www.xcert.com/
Got a marketing package around?
Not yet. http;//www.us.apache-ssl.com/ for now. -- Sameer Parekh Voice: 510-601-9777x3 Community ConneXion, Inc. FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.net/ (or login as "guest") sameer@c2.net
participants (3)
-
Black Unicorn -
S. Logan vonBernhardi
-
sameer@c2.org