Certificates and Authentication
Appendix
J
Introduction to Public-Key Cryptography
779
known as nonrepudiation. In other words, signed email makes it very difficult for
the sender to deny having sent the message. This is important for many forms of
business communication. (For information about the way digital signatures work,
see “Digital Signatures,” which begins on page 769.)
S/MIME also makes it possible to encrypt email messages. This is also important
for some business users. However, using encryption for email requires careful
planning. If the recipient of encrypted email messages loses his or her private key
and does not have access to a backup copy of the key, for example, the encrypted
messages can never be decrypted.
Form Signing
Many kinds of e-commerce require the ability to provide persistent proof that
someone has authorized a transaction. Although SSL provides transient client
authentication for the duration of an SSL connection, it does not provide persistent
authentication for transactions that may occur during that connection. S/MIME
provides persistent authentication for email, but e-commerce often involves filling
in a form on a web page rather than sending an email.
The Netscape technology known as form signing addresses the need for persistent
authentication of financial transactions. Form signing allows a user to associate a
digital signature with web-based data generated as the result of a transaction, such
as a purchase order or other financial document. The private key associated with
either a client SSL certificate or an S/MIME certificate may be used for this
purpose.
When a user clicks the Submit button on a web-based form that supports form
signing, a dialog box appears that displays the exact text to be signed. The form
designer can either specify the certificate that should be used or allow the user to
select a certificate from among the client SSL and S/MIME certificates that are
installed in Communicator. When the user clicks OK, the text is signed, and both
the text and the digital signature are submitted to the server. The server can then
use a Netscape utility called the Signature Verification Tool to validate the digital
signature.
For more information about support for form signing in Netscape products, see
Netscape Form Signing.
Single Sign-On
Network users are frequently required to remember multiple passwords for the
various services they use. For example, a user might have to type a different
password to log into the network, collect email, use directory services, use the
corporate calendar program, and access various servers. Multiple passwords are an
ongoing headache for both users and system administrators. Users have difficulty
Содержание Certificate Management System 6.1
Страница 1: ...Administrator s Guide Netscape Certificate Management System Version6 1 February 2003...
Страница 28: ...Documentation 28 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 68: ...Support for Open Standards 68 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 82: ...Uninstalling CMS 82 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 166: ...How a Registration Manager Works 166 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 382: ...ACL Reference 382 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 566: ...Managing Policy Plug in Modules 566 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 710: ...1 3 Organization Security Policies 710 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 716: ...Object Identifiers 716 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 762: ...DNs in Certificate Management System 762 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 794: ...Managing Certificates 794 Managing Servers with Netscape Console December 2001...
Страница 810: ...The SSL Handshake 810 Managing Servers with Netscape Console December 2001...
Страница 828: ...828 Netscape Certificate Management System Administrator s Guide February 2003...