There are some case studies at www.spyrus.com and www.rsa.com
----- Original Message -----
From: "Sameer Anja" <[EMAIL PROTECTED]>
To: "Madhur Nanda" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, February 21, 2002 9:03 AM
Subject: Re: about PKI
Hi Madhur-
My answers below:
--- Madhur Nanda <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Apologize as the topic is not directly related to
> firewalls but to do with information/network
> security.
>
> A few questions about PKI
>
> 1) What are the interoperatability issues with using
> dual key pair PKI ( like i read that Netscape e-mail
> client do not support dual keys)I
Dual Key pairs are not used with regular E-Mail
clients. To enable their use, specific applications
are to be used. MS Outlook/IE have specially
integrated this feature into their products to try and
take control of such markets, but as such E-Mail
clients by themselves are not supposed to provide dual
key pair support.
> 2) Is it possible to build private PKI
> infrastructure wherein even if a user moves from his
> place and try sending mails he's able to use his
> certificate (without having it to export and then
> import i.e. roaming digital certificate but ensuring
> that only owner of the certificate can use it)
It is possible to build such infrastructures by
using certificates on tokens AND/OR certificates kept
on a public place secured by writing middleware to
access them. These need to envisaged and dictated by
mode of access and also the policy governing
distribution of certificates.
> 3) Is it possible to restrict one certificate per
> user and even if a user tries to request another
> certificate then deny the request with apropriate
> message
This is possible. Same as answer (2) above.
> 4) Good disaster recovery for Certificate servers
Can be done. Same as DR for other servers. Could
you be more specific here?
> 5) Would appreciate if some one can share some case
> studies on private PKI implementation
>
I dont have case studies as such, but I guess you
could get them from www.entrust.com ,
www.verisign.com, www.pkiforum.org etc...
-Sam
>
> TIA
>
> regards,
> MAdhur
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
__________________________________________________
Do You Yahoo!?
Yahoo! Sports - Coverage of the 2002 Olympic Games
http://sports.yahoo.com
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
