
Black Unicorn:
Does there currently exist a system which permits webservers to restrict access to clients who have a given certification?
Sameer:
Yup.
....
=) Stronghold: The Apache-SSL-US, coupled with XCert Sentry. What else?
Bill Stewart:
Of course, there's a simpler approach; restrict access to people who have logins and passwords, and only give those to people who have the certification...
But of course, cleartext passwords have their own problems. You really need to make use of the fact that there is a computer at both ends so you are protected from replay attacks. With that caveat, passwords work fine (except for the difficulty of remembering a bunch of them vs. the insecurity of using the same one multiple places or writing them down).

------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle -- Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA
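Added example, not part of the original message: a minimal challenge-response login showing how computation at both ends keeps a captured login from being replayed. The `Server` class, `client_response` helper, user name and password are constructed for illustration, and HMAC-SHA256 over a server nonce is one assumed construction, not one named in the thread.

```python
import hashlib
import hmac
import secrets


class Server:
    """Issues single-use nonces and checks HMAC responses (hypothetical names)."""

    def __init__(self, users):
        # Constructed sample data: username -> password.
        # The key is derived once; the password itself never crosses the wire.
        self._keys = {u: hashlib.sha256(p.encode()).digest() for u, p in users.items()}
        self._pending = {}  # username -> outstanding nonce

    def challenge(self, user):
        nonce = secrets.token_bytes(16)
        self._pending[user] = nonce
        return nonce

    def verify(self, user, response):
        # The nonce is consumed on every attempt, so it can never be reused.
        nonce = self._pending.pop(user, None)
        key = self._keys.get(user)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def client_response(password, nonce):
    """Client side: prove knowledge of the password for this nonce only."""
    key = hashlib.sha256(password.encode()).digest()
    return hmac.new(key, nonce, hashlib.sha256).digest()


def demo():
    server = Server({"alice": "correct horse"})
    nonce = server.challenge("alice")
    captured = client_response("correct horse", nonce)  # what an eavesdropper records
    first = server.verify("alice", captured)        # legitimate login
    replay_same = server.verify("alice", captured)  # replay: nonce already consumed
    server.challenge("alice")                       # server issues a fresh nonce
    replay_fresh = server.verify("alice", captured) # replay: bound to the old nonce
    return first, replay_same, replay_fresh


if __name__ == "__main__":
    print(demo())
```

A recorded challenge and response pair still permits offline guessing of a weak password, so this removes replay, not the need for a strong secret.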