Actually, the Exchange Security token is in more common use. But I'm guessing that it might not be the right format to use for an AG cert. I saw your note about writing this up - I'll certainly give it a shot - there's a lot I don't know about how we use them, however. We do have a single-sign-on system for various resources, and using a certificate in your browser is one of the choices.
I would have to say that many more people have Exchange tokens for secure mail than have personal certificates. But since we do have an established method for requesting a personal certificate, and instructions exist for importing them into IE and Netscape, that definitely would be less painful than the present situation. But all this still doesn't really answer the issue of on-the-spot need for a certificate and how to resolve that - but I think that it may be an unresolvable issue. -randy At 01:35 PM 4/16/2004, Robert Olson wrote: >At 02:43 PM 4/16/2004, Randy Groves wrote: >>Until such time as I (or someone) can modify the certificate system in >>such a way what it pays attention, for instance, to certificates already >>installed in IE (for example), or in Exchange/Outlook, > >I've contemplated support for this, and didn't know that anyone actually >used certs there :-). > >How do folks use these certs - do they type the passphrase once at IE and >let it hold it? Or are they installed there without passphrases? > >I've got the code kicking around somewhere for extracting certs from teh >IE cert store; post-2.2 I can start thinking about how to integrate that. > >--bob
