Andr�a Cavallari wrote:
My answers are in blue!
Hey, we are on a text based mailinglist - so please no HTML mails. My thunderbird can handle such stuff but please think about the guys with elm, pine, mutt ...
> the certificate stop working and we have to tell to the client make a
> new certificate to work with the new configuration.
this sounds strange
I mean that after some changes in browser's configuration I will use the certificate and the Internet Explorer prompt for the cert, but whem I select the cert I get an error and the browser's show me "Action Canceled". So, I can't authenticate. And If I monitoring this acces, on the web server I saw "client handshake failed". Then, I have to issue a new cert for the client.
If you change the security level then the really interesting question is which security level does your key/cert container has. Usually Microsoft asks you which security level your new key/cert should have. If you enter low or medium and you switch the security level (of your browser or internet zone) to high then the internet exporer cannot use a medium level certificate to authenticate on a high level security zone.
This is only an idea but usually IE set the security level of a key to medium. After a change to high it is a good idea from Microsoft to do not use a medium level key.
Michael -- _______________________________________________________________
Michael Bell Humboldt-Universitaet zu Berlin
Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
smime.p7s
Description: S/MIME Cryptographic Signature
