Firewalls: Netscape's Certificate Servers

Firewalls
(July 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Netscape's Certificate Servers
From:	Nathan Steinbauer <nathan @ datasource . net>
Organization:	DataSource Hagen
Date:	Fri, 25 Jul 1997 17:46:29 -0500
To:	firewalls @ GreatCircle . COM
Reply-to:	nathan @ datasource . net

Hi all,

I have a client who is implementing an intranet with sensitive
information.  Their deveolpers are telling them Netscape's Certificate
Server is "good enough" for their security, but they are not convinced. 
The manager of the project sat in on a conference call with Meta Group
while they tore apart the Certificate Server.  He's not real technical,
so he can't convey all the problems he heard.  

What is the general opinion of this product?  Has anyone heard or seen
any specific holes with the application or security scheme?  Would you
recommend a token based security policy?

Any help will be greatly appreciated.

Thanks,

Nate

Indexed By Date	Previous:	Re: Looking for article - hackers steal fw code From: george @ neato . org
Indexed By Date	Next:	Re: Looking for article - hackers steal fw code From: renegade <renegade @ blkbox . com>
Indexed By Thread	Previous:	Isolation Systems From: Alan Goldberg <agoldber @ istar . ca>
Indexed By Thread	Next:	[no subject] From: Miroslav Perincic <mperin @ public . srce . hr>