David A. Lee wrote:
>
> For example, IIS Server and IE and Netscape clients never ask me for
> pass phrases when using certificates. Does this mean as I suspect
> that those products are not really secure ? Or have they found another
> method to protect certificates from copying without requiring pass phrases ?
You can protect client certs (at least with netscape)
with a pass phrase (this is the re-translation from german.
Don't know wetjher they are completely correct.
Communicator->Security information->passwords
About IE I never cared ;-)
For stand alone applications that automatically start up like
webservers you must trust the file protection mechanism to
not give out the key to the wrong person...
--
Holger Reif Tel.: +49 361 74707-0
SmartRing GmbH Fax.: +49 361 7470720
Europaplatz 5 [EMAIL PROTECTED]
D-99091 Erfurt WWW.SmartRing.de
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
