1995-08-18 - Re: Netscape security

Header Data

From: sameer <sameer@c2.org>
To: adam@bwh.harvard.edu (Adam Shostack)
Message Hash: 79a1c38f292da2903f708fa8bff53d9e258872f755ab5fef353b8c7accf76c8f
Message ID: <199508181529.IAA01360@infinity.c2.org>
Reply To: <9508181509.AA01916@joplin.harvard.edu>
UTC Datetime: 1995-08-18 15:34:20 UTC
Raw Date: Fri, 18 Aug 95 08:34:20 PDT

Raw message

From: sameer <sameer@c2.org>
Date: Fri, 18 Aug 95 08:34:20 PDT
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: Netscape security
In-Reply-To: <9508181509.AA01916@joplin.harvard.edu>
Message-ID: <199508181529.IAA01360@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 	The certificates must be signed by an approved key signing
> agency.  Anyone can produce one; to get it to interact 'securely' with
> free netscape browsers you need the certificate to be signed.
> 
> 	There is no word as to how to become a KSA.  Netscpe has
> ignored the question on several occaisons.
> 

	It is interesting that in order for me to use the commerce
server on an *internal* application I am working on, my project
*still* needed to get the key signed by verisign, even though no one
outside of the company i am working for will have access to the
commerce server my application is running on.

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




Thread