Re: about PKI

Sameer Anja Thu, 21 Feb 2002 07:08:36 -0800

Hi Madhur-

   My answers below:


--- Madhur Nanda <[EMAIL PROTECTED]> wrote:
> Hi,
> 
> Apologize as the topic is not directly related to
> firewalls but to do with information/network
> security.
> 
> A few questions about PKI
> 
> 1) What are the interoperatability issues with using
> dual key pair PKI ( like i read that Netscape e-mail
> client do not support dual keys)I

    Dual Key pairs are not used with regular E-Mail
clients. To enable their use, specific applications
are to be used. MS Outlook/IE have specially
integrated this feature into their products to try and
take control of such markets, but as such E-Mail
clients by themselves are not supposed to provide dual
key pair support.

> 2) Is it possible to build private PKI
> infrastructure wherein even if a user moves from his
> place and try sending mails he's able to use his
> certificate (without having it to export and then
> import i.e. roaming digital certificate but ensuring
> that only owner of the certificate can use it)

  It is possible to build such infrastructures by
using certificates on tokens AND/OR certificates kept
on a public place secured by writing middleware to
access them. These need to envisaged and dictated by
mode of access and also the policy governing
distribution of certificates.

> 3) Is it possible to restrict one certificate per
> user and even if a user tries to request another
> certificate then deny the request with apropriate
> message

   This is possible. Same as answer (2) above.

> 4) Good disaster recovery for Certificate servers

   Can be done. Same as DR for other servers. Could
you be more specific here?

> 5)  Would appreciate if some one can share some case
> studies on private PKI implementation
> 

    I dont have case studies as such, but I guess you
could get them from www.entrust.com ,
www.verisign.com, www.pkiforum.org etc...

-Sam


> 
> TIA
> 
> regards,
> MAdhur
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls



__________________________________________________
Do You Yahoo!?
Yahoo! Sports - Coverage of the 2002 Olympic Games
http://sports.yahoo.com
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

Re: about PKI

Reply via email to