зеркало из https://github.com/mozilla/pjs.git
Updated content for existing help files; added two new help files (all HTML).
This commit is contained in:
Родитель
ae9a113a21
Коммит
775a9a9246
|
@ -9,24 +9,26 @@
|
|||
<body bgcolor="white">
|
||||
|
||||
<a NAME="certs_first"></a>
|
||||
<h1>Certificate Manager</h1>
|
||||
<hr><h1>Certificate Manager</h1>
|
||||
|
||||
<p>This section describes how to use the Certificate Manager. If you are not already viewing the Certificate Manager window, follow these steps:
|
||||
<p>This section describes how to use the Certificate Manager. For more general information on using certificates, see <a href="using_certs_help.html">Using Certificates</a>.
|
||||
|
||||
<p>If you are not already viewing the Certificate Manager window, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Click Privacy and Security.
|
||||
<li>Click Manage Certificates.
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, click Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
<li>Click Manage Certificates.
|
||||
</ol>
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#My_Certificates">My Certificates</a></p>
|
||||
<p><a href="#My_Certificates">Your Certificates</a></p>
|
||||
<p><a href="#Web_Site_Certificates">Web Site Certificates</a></p>
|
||||
<p><a href="#CA_Certificates">CA Certificates</a></p>
|
||||
<p><a href="#Security_Devices">Security Devices</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
@ -34,9 +36,9 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="My_Certificates"></a>
|
||||
<h2>My Certificates</h2>
|
||||
<h2>Your Certificates</h2>
|
||||
|
||||
<p>The My Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify you, and to set related security passwords. To select a certificate, click its name. To select more than one certificate, hold down the Shift key and click the names of those you want to select.
|
||||
<p>The Your Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify you, and to set related security passwords. To select a certificate, click its name. To select more than one certificate, hold down the Shift key and click the names of those you want to select.
|
||||
|
||||
<p>To perform any of the actions listed here, select the certificates on which you want to act and follow these instructions:
|
||||
<UL>
|
||||
|
@ -64,11 +66,13 @@
|
|||
<a NAME="Choose_a_Certificate_Backup_Password"></a>
|
||||
<H3>Choose a Certificate Backup Password</H3>
|
||||
|
||||
<P>A certificate backup password protects one or more certificates that you are backing up using the Backup or Backup All button in the My Certificates panel of the Certificate Manager. The browser asks you to set a certificate backup password when you back up certificates, and requests it when you attempt to restore certificates that have previously been backed up.</P>
|
||||
<P>A certificate backup password protects one or more certificates that you are backing up using the Backup or Backup All button in the Your Certificates panel of the Certificate Manager.
|
||||
|
||||
<P><b>Important:</b> When you click the Backup All button, the browser attempts to back up all of your certificates and associated private keys stored on the browser's software security device. The Backup All button does not back up any certificates that are stored on security devices other than the browser's own software security device. For example, Backup All will not back up any certificates in the list that are stored on a smart card inserted in a smart card reader attached to your computer. Certificates stored on devices other than the browser's software security device must be backed up by selecting their names and clicking the Backup button.</P>
|
||||
<p>The browser asks you to set a certificate backup password when you back up certificates, and requests it when you attempt to restore certificates that have previously been backed up.</P>
|
||||
|
||||
<p>If someone obtains the file containing a certificate that you have backed up and successfully restores the certificate, that person can send messages or access web sites while pretending to be you. This can have negative consequences, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet. Therefore, it's important to select a certificate backup password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you can't restore the backup of your certificate.</p>
|
||||
<p><b>Choose a good password:</b> If someone obtains the file containing a certificate that you have backed up and successfully restores the certificate, that person can send messages or access web sites while pretending to be you. This can have negative consequences, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet.
|
||||
|
||||
<p>Therefore, it's important to select a certificate backup password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you can't restore the backup of your certificate.</p>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#certs_first">Return to beginning of Certificate Manager section</A> ]
|
||||
|
@ -76,7 +80,7 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="Delete_My_Certificate"></a>
|
||||
<h3>Delete My Certificate</h3>
|
||||
<h3>Delete Your Certificate</h3>
|
||||
|
||||
<P>Before deleting any of your own certificates—even one that has expired—make sure that you won't need it again some day. For example, you can use your own expired certificate for reading old email messages that you may have encrypted with the corresponding private key.
|
||||
</P>
|
||||
|
@ -176,12 +180,39 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="Security_Devices"></a>
|
||||
<h3>Security Devices</h3>
|
||||
<hr><h1>Device Manager</h1>
|
||||
|
||||
<p><b>[text to come]</b>
|
||||
<p>This section describes how to use the Device Manager. For background information and step-by-step instructions on the use of the Device Manager, see <a href="using_certs_help.html#using_certs_devices">Manage Smart Cards and Other Security Devices</a>.
|
||||
|
||||
<P>If you are not already viewing the Device Manager window, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Certificates panel, click Manage Devices.
|
||||
</ol>
|
||||
|
||||
<p>The Device Manager lists each available PKCS #11 module in boldface, and the security devices managed by each module below the module's name.
|
||||
|
||||
<p>When you select a module or device, information about the selected item appears in the middle of the window, and some of the buttons on the right side of the window become available. In general, you perform an action on a module or device by selecting its name and clicking the appropriate button. For example:
|
||||
|
||||
<ul>
|
||||
<li>If you select the Software Security Device, you can click Login or Logout to log in or out of the device, or click Change Password to change the master password for the device.
|
||||
<li>If you select the name of a PKCS #11 module, you can unload the module by clicking Unload. (If you unload a module, both the module and its security devices are no longer available for use by the browser.)
|
||||
</ul>
|
||||
|
||||
<p>To add a new module, click Load. Before adding a new module, you should first install the module software on your computer and if necessary connect any associated hardware device. Follow the instructions provided by the vendor.
|
||||
|
||||
<p>The Enable FIPS button on the right side of the Device Manager allows you to switch to FIPS
|
||||
mode and back again. For more information, see <a href="using_certs_devices_fips#using_certs_devices_fips">Enable FIPS Mode</a>.
|
||||
|
||||
<p>
|
||||
[ <A HREF="#Security_Devices">Return to beginning of Device Manager section</A> ]
|
||||
</p>
|
||||
|
||||
|
||||
<hr>
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/5/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
|
@ -9,24 +9,26 @@
|
|||
<body bgcolor="white">
|
||||
|
||||
<a NAME="certs_first"></a>
|
||||
<h1>Certificate Manager</h1>
|
||||
<hr><h1>Certificate Manager</h1>
|
||||
|
||||
<p>This section describes how to use the Certificate Manager. If you are not already viewing the Certificate Manager window, follow these steps:
|
||||
<p>This section describes how to use the Certificate Manager. For more general information on using certificates, see <a href="using_certs_help.html">Using Certificates</a>.
|
||||
|
||||
<p>If you are not already viewing the Certificate Manager window, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Click Privacy and Security.
|
||||
<li>Click Manage Certificates.
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, click Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
<li>Click Manage Certificates.
|
||||
</ol>
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#My_Certificates">My Certificates</a></p>
|
||||
<p><a href="#My_Certificates">Your Certificates</a></p>
|
||||
<p><a href="#Web_Site_Certificates">Web Site Certificates</a></p>
|
||||
<p><a href="#CA_Certificates">CA Certificates</a></p>
|
||||
<p><a href="#Security_Devices">Security Devices</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
@ -34,9 +36,9 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="My_Certificates"></a>
|
||||
<h2>My Certificates</h2>
|
||||
<h2>Your Certificates</h2>
|
||||
|
||||
<p>The My Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify you, and to set related security passwords. To select a certificate, click its name. To select more than one certificate, hold down the Shift key and click the names of those you want to select.
|
||||
<p>The Your Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify you, and to set related security passwords. To select a certificate, click its name. To select more than one certificate, hold down the Shift key and click the names of those you want to select.
|
||||
|
||||
<p>To perform any of the actions listed here, select the certificates on which you want to act and follow these instructions:
|
||||
<UL>
|
||||
|
@ -64,11 +66,13 @@
|
|||
<a NAME="Choose_a_Certificate_Backup_Password"></a>
|
||||
<H3>Choose a Certificate Backup Password</H3>
|
||||
|
||||
<P>A certificate backup password protects one or more certificates that you are backing up using the Backup or Backup All button in the My Certificates panel of the Certificate Manager. The browser asks you to set a certificate backup password when you back up certificates, and requests it when you attempt to restore certificates that have previously been backed up.</P>
|
||||
<P>A certificate backup password protects one or more certificates that you are backing up using the Backup or Backup All button in the Your Certificates panel of the Certificate Manager.
|
||||
|
||||
<P><b>Important:</b> When you click the Backup All button, the browser attempts to back up all of your certificates and associated private keys stored on the browser's software security device. The Backup All button does not back up any certificates that are stored on security devices other than the browser's own software security device. For example, Backup All will not back up any certificates in the list that are stored on a smart card inserted in a smart card reader attached to your computer. Certificates stored on devices other than the browser's software security device must be backed up by selecting their names and clicking the Backup button.</P>
|
||||
<p>The browser asks you to set a certificate backup password when you back up certificates, and requests it when you attempt to restore certificates that have previously been backed up.</P>
|
||||
|
||||
<p>If someone obtains the file containing a certificate that you have backed up and successfully restores the certificate, that person can send messages or access web sites while pretending to be you. This can have negative consequences, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet. Therefore, it's important to select a certificate backup password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you can't restore the backup of your certificate.</p>
|
||||
<p><b>Choose a good password:</b> If someone obtains the file containing a certificate that you have backed up and successfully restores the certificate, that person can send messages or access web sites while pretending to be you. This can have negative consequences, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet.
|
||||
|
||||
<p>Therefore, it's important to select a certificate backup password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you can't restore the backup of your certificate.</p>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#certs_first">Return to beginning of Certificate Manager section</A> ]
|
||||
|
@ -76,7 +80,7 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="Delete_My_Certificate"></a>
|
||||
<h3>Delete My Certificate</h3>
|
||||
<h3>Delete Your Certificate</h3>
|
||||
|
||||
<P>Before deleting any of your own certificates—even one that has expired—make sure that you won't need it again some day. For example, you can use your own expired certificate for reading old email messages that you may have encrypted with the corresponding private key.
|
||||
</P>
|
||||
|
@ -176,12 +180,39 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="Security_Devices"></a>
|
||||
<h3>Security Devices</h3>
|
||||
<hr><h1>Device Manager</h1>
|
||||
|
||||
<p><b>[text to come]</b>
|
||||
<p>This section describes how to use the Device Manager. For background information and step-by-step instructions on the use of the Device Manager, see <a href="using_certs_help.html#using_certs_devices">Manage Smart Cards and Other Security Devices</a>.
|
||||
|
||||
<P>If you are not already viewing the Device Manager window, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Certificates panel, click Manage Devices.
|
||||
</ol>
|
||||
|
||||
<p>The Device Manager lists each available PKCS #11 module in boldface, and the security devices managed by each module below the module's name.
|
||||
|
||||
<p>When you select a module or device, information about the selected item appears in the middle of the window, and some of the buttons on the right side of the window become available. In general, you perform an action on a module or device by selecting its name and clicking the appropriate button. For example:
|
||||
|
||||
<ul>
|
||||
<li>If you select the Software Security Device, you can click Login or Logout to log in or out of the device, or click Change Password to change the master password for the device.
|
||||
<li>If you select the name of a PKCS #11 module, you can unload the module by clicking Unload. (If you unload a module, both the module and its security devices are no longer available for use by the browser.)
|
||||
</ul>
|
||||
|
||||
<p>To add a new module, click Load. Before adding a new module, you should first install the module software on your computer and if necessary connect any associated hardware device. Follow the instructions provided by the vendor.
|
||||
|
||||
<p>The Enable FIPS button on the right side of the Device Manager allows you to switch to FIPS
|
||||
mode and back again. For more information, see <a href="using_certs_devices_fips#using_certs_devices_fips">Enable FIPS Mode</a>.
|
||||
|
||||
<p>
|
||||
[ <A HREF="#Security_Devices">Return to beginning of Device Manager section</A> ]
|
||||
</p>
|
||||
|
||||
|
||||
<hr>
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/5/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
|
@ -0,0 +1,63 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Certificate Settings</title>
|
||||
|
||||
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
|
||||
|
||||
</head>
|
||||
|
||||
<body bgcolor="white">
|
||||
|
||||
<a NAME="certs_prefs_help_first"></a>
|
||||
<h1>Certificate Settings </h1>
|
||||
|
||||
<p>This section describes use the Certificates preferences panel. To view Certificates preferences, follow these steps:
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, click Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Client_Certificate_Selection"></a>
|
||||
<h2>Client Certificate Selection</h2>
|
||||
|
||||
<p>You can decide how Navigator selects a certificate from among those you have on file to identify you to a web site:
|
||||
<ul>
|
||||
<LI>If you want Navigator to choose a certificate without asking you, click
|
||||
Select Automatically. This is usually the preferred setting.
|
||||
<LI>If you want Navigator to ask you to select a certificate each time a web site
|
||||
requests one, click Select Manually.
|
||||
</ul>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Manage_Certificates"></a>
|
||||
<h2>Manage Certificates</h2>
|
||||
|
||||
<p>Certificates are the digital equipvalent of ID cards--they help other people
|
||||
identify you, and they help you identify other people, web sites, and organizations.
|
||||
|
||||
<p>To examine or configure the certificates you have on file, click Manage Certificates.
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Manage_Security_Devices"></a>
|
||||
<h2>Manage Security Devices</h2>
|
||||
|
||||
<p>A security device is a hardware or software device that stores your certificates and keys.
|
||||
For example, a smart card is a security device. Netscape 6 has its own built-in software
|
||||
security device, and you can use additional security devices, such as smart cards, at the same time.
|
||||
|
||||
<p>To examine or configure your security devices, click Manage Security Devices.
|
||||
|
||||
<p>
|
||||
[ <A HREF="#certs_prefs_help_first">Return to beginning of Certificate Settings section</A> ]
|
||||
</p>
|
||||
|
||||
<hr>
|
||||
<p><i>6/5/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,63 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Certificate Settings</title>
|
||||
|
||||
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
|
||||
|
||||
</head>
|
||||
|
||||
<body bgcolor="white">
|
||||
|
||||
<a NAME="certs_prefs_help_first"></a>
|
||||
<h1>Certificate Settings </h1>
|
||||
|
||||
<p>This section describes use the Certificates preferences panel. To view Certificates preferences, follow these steps:
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, click Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Client_Certificate_Selection"></a>
|
||||
<h2>Client Certificate Selection</h2>
|
||||
|
||||
<p>You can decide how Navigator selects a certificate from among those you have on file to identify you to a web site:
|
||||
<ul>
|
||||
<LI>If you want Navigator to choose a certificate without asking you, click
|
||||
Select Automatically. This is usually the preferred setting.
|
||||
<LI>If you want Navigator to ask you to select a certificate each time a web site
|
||||
requests one, click Select Manually.
|
||||
</ul>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Manage_Certificates"></a>
|
||||
<h2>Manage Certificates</h2>
|
||||
|
||||
<p>Certificates are the digital equipvalent of ID cards--they help other people
|
||||
identify you, and they help you identify other people, web sites, and organizations.
|
||||
|
||||
<p>To examine or configure the certificates you have on file, click Manage Certificates.
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Manage_Security_Devices"></a>
|
||||
<h2>Manage Security Devices</h2>
|
||||
|
||||
<p>A security device is a hardware or software device that stores your certificates and keys.
|
||||
For example, a smart card is a security device. Netscape 6 has its own built-in software
|
||||
security device, and you can use additional security devices, such as smart cards, at the same time.
|
||||
|
||||
<p>To examine or configure your security devices, click Manage Security Devices.
|
||||
|
||||
<p>
|
||||
[ <A HREF="#certs_prefs_help_first">Return to beginning of Certificate Settings section</A> ]
|
||||
</p>
|
||||
|
||||
<hr>
|
||||
<p><i>6/5/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Dialog Box Help</title>
|
||||
|
||||
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
|
||||
|
||||
</head>
|
||||
|
||||
<body bgcolor="white">
|
||||
|
||||
<a NAME="context_first"></a>
|
||||
<h1>Dialog Box Help</h1>
|
||||
|
||||
<p>The sections that follow describe how to use preferences, dialog boxes, and other windows that you use to control your browser. Whenever you see a Help button anywhere in the browser interface, click it to see the corresponding information provided here.</p>
|
||||
|
||||
<p>If you're not sure what preference panel or other part of the browser interface you need to use to perform a particular task, look through the other headings in the Contents panel (to the left of this text) to find a description of the task you want to perform.
|
||||
|
||||
<p>You can also browse through the dialog box help sections listed here.
|
||||
|
||||
<p>
|
||||
|
||||
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>Dialog Box help topics:</p>
|
||||
<p><a href="ssl_page_info_help.html">SSL Page Info</a></p>
|
||||
<p><a href="certs_help.html">Certificate Manager</a></p>
|
||||
<p><a href="certs_help.html#Security_Devices">Device Manager</a></p>
|
||||
<p><a href="cert_dialog_help.html">Certificate Information and Decisions</a></p>
|
||||
<p><a href="prefs_help.html">Preferences</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
|
||||
<hr>
|
||||
<p><i>6/12/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
||||
|
|
@ -470,7 +470,7 @@ If My Sidebar is closed, you can still see its handle. Move the mouse pointer up
|
|||
|
||||
|
||||
<p> </p>
|
||||
<a NAME="cust_bkmk_create"></a>
|
||||
<a NAME="cust_bkmk_use"></a>
|
||||
<h2>Using Bookmarks</h2>
|
||||
|
||||
<p>Netscape 6 comes with some bookmarks already available. To use a bookmark:
|
||||
|
|
|
@ -470,7 +470,7 @@ If My Sidebar is closed, you can still see its handle. Move the mouse pointer up
|
|||
|
||||
|
||||
<p> </p>
|
||||
<a NAME="cust_bkmk_create"></a>
|
||||
<a NAME="cust_bkmk_use"></a>
|
||||
<h2>Using Bookmarks</h2>
|
||||
|
||||
<p>Netscape 6 comes with some bookmarks already available. To use a bookmark:
|
||||
|
|
|
@ -20,7 +20,7 @@ Assurance that a party to a computerized transaction is not an impostor. Authent
|
|||
See <a href="glossary.html#1020903"></a><a href="glossary.html#1020903">certificate authority (CA)</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="CA certificate"></A><A NAME="1017503">
|
||||
<A NAME="CA_certificate"></A><A NAME="1017503">
|
||||
<B>CA certificate.</B>
|
||||
</A><A NAME="1017507">
|
||||
A certificate that identifies a certificate authority. See also <a href="glossary.html#1020903">certificate authority (CA)</a>, <a href="glossary.html#999541">subordinate CA</a>, <a href="glossary.html#1015631">root CA</a>.<P>
|
||||
|
@ -32,57 +32,57 @@ A certificate that identifies a certificate authority. See also <a href="glossar
|
|||
The digital equivalent of an ID card. A certificate specifies the name of an individual, company, or other entity and certifies that a public key, which is included in the certificate, belongs to that entity. When you digitally sign a message or other data, the digital signature for that message is created with the aid of the private key that corresponds to the public key in your certificate. A certificate is issued and digitally signed by a <a href="glossary.html#1020903">certificate authority (CA)</a>. A certificate's validity can be verified by checking the CA's <a href="glossary.html#1013995">digital signature</a>. Also called digital ID, digital passport, public-key certificate X.509 certificate, and security certificate. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate authority (CA)"></A><A NAME="1020903">
|
||||
<A NAME="certificate_authority_(CA)"></A><A NAME="1020903">
|
||||
<B>certificate authority (CA).</B>
|
||||
</A><A NAME="1020904">
|
||||
A service that issues a certificate after verifying the identity of the person or entity the certificate is intended to identify. A CA also renews and revokes certificates and generates a list of revoked certificates at regular intervals. CAs can be independent vendors (such as the CAs listed at <a href= "https://certs.netscape.com/" TARGET="_blank">Client Certificates</a>) or a person or organization using certificate-issuing server software (such as Netscape Certificate Management System). See also <a href="glossary.html#1018895">certificate</a>, <a href="glossary.html#1019940">certificate revocation list (CRL)</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate backup password"></A><A NAME="1024655">
|
||||
<A NAME="certificate_backup_password"></A><A NAME="1024655">
|
||||
<B>certificate backup password.</B>
|
||||
</A><A NAME="1024670">
|
||||
A password that protects a certificate that you are backing up or have previously backed up. Certificate Manager asks you to set this password when you back up a certificate, and requests it when you attempt to restore a certificate that has previously been backed up. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate-based authentication"></A><A NAME="1018581">
|
||||
<A NAME="certificate-based_authentication"></A><A NAME="1018581">
|
||||
<B>certificate-based authentication.</B>
|
||||
</A><A NAME="1018582">
|
||||
Verification of identity based on certificates and public-key cryptography. See also <a href="glossary.html#1014123">password-based authentication</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate chain"></A><A NAME="1018500">
|
||||
<A NAME="certificate_chain"></A><A NAME="1018500">
|
||||
<B>certificate chain.</B>
|
||||
</A><A NAME="1019929">
|
||||
A hierarchical series of certificates signed by successive certificate authorities. A CA certificate identifies a <a href="glossary.html#1020903">certificate authority (CA)</a> and is used to sign certificates issued by that authority. A CA certificate can in turn be signed by the CA certificate of a parent CA and so on up to a <a href="glossary.html#1015631">root CA</a>. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate fingerprint"></A><A NAME="1020297">
|
||||
<A NAME="certificate_fingerprint"></A><A NAME="1020297">
|
||||
<B>certificate fingerprint.</B>
|
||||
</A><A NAME="1020326">
|
||||
A unique number associated with a certificate. The number is not part of the certificate itself but is produced by applying a mathematical function to the contents of the certificate. If the contents of the certificate change, even by a single character, the function produces a different number. Certificate fingerprints can therefore be used to verify that certificates have not been tampered with.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="Certificate Manager"></A>
|
||||
<A NAME="Certificate_Manager"></A>
|
||||
<B>Certificate Manager</B>
|
||||
</A><A NAME="1020326">
|
||||
The part of the browser that allows you to view and manage certificates. To view the main Certificate Manager window, choose Preferences from the Edit menu, click Privacy/Security, then click Manage Certificates.<P>
|
||||
</A>
|
||||
|
||||
|
||||
<A NAME="certificate renewal"></A><A NAME="1031319">
|
||||
<A NAME="certificate_renewal"></A><A NAME="1031319">
|
||||
<B>certificate renewal.</B>
|
||||
</A><A NAME="1031323">
|
||||
The process of renewing a <a href="glossary.html#1018895">certificate</a> that is about to expire.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate revocation list (CRL)"></A><A NAME="1019940">
|
||||
<A NAME="certificate_revocation_list (CRL)"></A><A NAME="1019940">
|
||||
<B>certificate revocation list (CRL).</B>
|
||||
</A><A NAME="1021047">
|
||||
A list of revoked certificates that is generated and signed by a <a href="glossary.html#1020903">certificate authority (CA)</a>. You can download the latest CRL to your browser or to a server, then check against it to make sure that certificates are still valid before permitting their use for authentication. <P>
|
||||
</A>
|
||||
|
||||
|
||||
<A NAME="certificate verification"></A><A NAME="1025527">
|
||||
<A NAME="certificate_verification"></A><A NAME="1025527">
|
||||
<B>certificate verification.</B>
|
||||
</A><A NAME="1025531">
|
||||
When <a href="#Certificate Manager">Certificate Manager</a> verifies a certificate, it confirms that the digital signature was created by a CA whose own CA certificate is both on file with Certificate Manager and marked as trusted for issuing that kind of certificate. It also confirms that the certificate being verified has not itself been marked as untrusted. Finally, if the <a href="glossary.html#1029304">Online Certificate Status Protocol (OCSP)</a> has been activated, Certificate Manager also performs an on-line check. It does so by looking up the certificate in a list of valid certificates maintained at a URL that is specified either in the certificate itself or in the browser's validation preferences. If any of these checks fail, Certificate Manager marks the certificate as unverified and won't recognize the identity it certifies.<P>
|
||||
|
@ -91,7 +91,7 @@ When <a href="#Certificate Manager">Certificate Manager</a> verifies a certifica
|
|||
<A NAME="cipher"></A><A NAME="1021048">
|
||||
<B>cipher.</B>
|
||||
</A><A NAME="1021052">
|
||||
See <a href="glossary.html#1019976">cryptographic algorithm</a>.<P>
|
||||
See <a href="glossary.html#1019976">cryptographic_algorithm</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="client"></A><A NAME="1029510">
|
||||
|
@ -100,19 +100,19 @@ See <a href="glossary.html#1019976">cryptographic algorithm</a>.<P>
|
|||
Software (such as browser software) that sends requests to and receives information from a <a href="glossary.html#1029749">server</a>, which is usually running on a different computer. A computer on which client software runs is also described as a client.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="client authentication"></A><A NAME="1021054">
|
||||
<A NAME="client_authentication"></A><A NAME="1021054">
|
||||
<B>client authentication.</B>
|
||||
</A><A NAME="1014557">
|
||||
The process of identifying a <a href="glossary.html#1029510">client</a> to a <a href="glossary.html#1029749">server</a>, for example with a name and password or with a <a href="glossary.html#1014561">client SSL certificate</a> and some digitally signed data. See also <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>, <a href="glossary.html#1031070">server authentication</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="client SSL certificate"></A><A NAME="1014561">
|
||||
<A NAME="client_SSL_certificate"></A><A NAME="1014561">
|
||||
<B>client SSL certificate.</B>
|
||||
</A><A NAME="1014562">
|
||||
A certificate that a <a href="glossary.html#1029510">client</a> (such as browser software) presents to a <a href="glossary.html#1029749">server</a> to authenticate the identity of the client (or the identity of the person using the client) using the <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a> protocol. See also <a href="glossary.html#1021054">client authentication</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="cryptographic algorithm"></A><A NAME="1019976">
|
||||
<A NAME="cryptographic_algorithm"></A><A NAME="1019976">
|
||||
<B>cryptographic algorithm.</B>
|
||||
</A><A NAME="1019985">
|
||||
A set of rules or directions used to perform cryptographic operations such as <a href="glossary.html#999078">encryption</a> and <a href="glossary.html#998999">decryption</a>. Sometimes called a <I>cipher.</I><P>
|
||||
|
@ -130,25 +130,25 @@ The art and practice of scrambling (encrypting) and unscrambling (decrypting) in
|
|||
The process of unscrambling data that has been encrypted. See also <a href="glossary.html#999078">encryption</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="digital ID"></A><A NAME="999011">
|
||||
<A NAME="digital_ID"></A><A NAME="999011">
|
||||
<B>digital ID.</B>
|
||||
</A><A NAME="999017">
|
||||
See <a href="glossary.html#1018895">certificate</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="digital signature"></A><A NAME="1013995">
|
||||
<A NAME="digital_signature"></A><A NAME="1013995">
|
||||
<B>digital signature.</B>
|
||||
</A><A NAME="1013996">
|
||||
A code created from both the data to be signed and the private key of the signer. This code is unique for each new piece of data. Even a single comma added to a message changes the digital signature for that message. Successful validation of your digital signature by appropriate software not only provides evidence that you approved the transaction or message, but also provides evidence that the data has not changed since you digitally signed it. A digital signature has nothing to do with a handwritten signature, although it can sometimes be used for similar legal purposes. See also <a href="glossary.html#999248">nonrepudiation</a>, <a href="glossary.html#999618">tamper detection</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="distinguished name (DN)"></A><A NAME="1022191">
|
||||
<A NAME="distinguished_name_(DN)"></A><A NAME="1022191">
|
||||
<B>distinguished name (DN).</B>
|
||||
</A><A NAME="1022194">
|
||||
A specially formatted name that uniquely identifies the subject of a certificate.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="dual key pairs"></A><A NAME="1020489">
|
||||
<A NAME="dual_key_pairs"></A><A NAME="1020489">
|
||||
<B>dual key pairs.</B>
|
||||
</A><A NAME="1020619">
|
||||
Two public-private key pairs--four keys altogether--corresponding to two separate certificates. The private key of one pair is used for signing operations, and the public and private keys of the other pair are used for encryption and decryption operations. Each pair corresponds to a separate <a href="glossary.html#1018895">certificate</a>. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
|
||||
|
@ -166,13 +166,13 @@ Surreptitious interception of information sent over a network by an entity for w
|
|||
The process of scrambling information in a way that disguises its meaning. For example, encrypted connections between computers make it very difficult for third-parties to unscramble, or <I>decrypt,</I> information flowing over the connection. Encrypted information can be decrypted only by someone who possesses the appropriate key. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="encryption certificate"></A><A NAME="1024953">
|
||||
<A NAME="encryption_certificate"></A><A NAME="1024953">
|
||||
<B>encryption certificate.</B>
|
||||
</A><A NAME="1024978">
|
||||
A certificate whose public key corresponds to a private key used for encryption only. Encryption certificates are not used for signing operations. See also <a href="glossary.html#1020489">dual key pairs</a>, <a href="glossary.html#999493">signing certificate</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="encryption key"></A><A NAME="1021254">
|
||||
<A NAME="encryption_key"></A><A NAME="1021254">
|
||||
<B>encryption key.</B>
|
||||
</A><A NAME="1021255">
|
||||
A private key used for encryption only. An encryption key and its equivalent public key, plus a <a href="glossary.html#1021282">signing key</a> and its equivalent public key, constitute a <a href="glossary.html#1020489">dual key pairs</a>.<P>
|
||||
|
@ -184,7 +184,7 @@ A private key used for encryption only. An encryption key and its equivalent pub
|
|||
See <a href="glossary.html#1020297">certificate fingerprint</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="FIPS PUBS 140-1"></A><A NAME="1025742">
|
||||
<A NAME="FIPS_PUBS_140-1"></A><A NAME="1025742">
|
||||
<B>FIPS PUBS 140-1.</B>
|
||||
</A><A NAME="1025743">
|
||||
Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic modules--that is, hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). Many products sold to the US government must comply with one or more of the FIPS standards.<P>
|
||||
|
@ -196,19 +196,19 @@ Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US
|
|||
A large number used by a <a href="glossary.html#1019976">cryptographic algorithm</a> to encrypt or decrypt data. A person's public key, for example, allows other people to encrypt messages to that person. The encrypted messages must be decrypted with the corresponding private key. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="Lightweight Directory Access Protocol (LDAP)"></A><A NAME="1022286">
|
||||
<A NAME="Lightweight_Directory_Access_Protocol_(LDAP)"></A><A NAME="1022286">
|
||||
<B>Lightweight Directory Access Protocol (LDAP).</B>
|
||||
</A><A NAME="1022287">
|
||||
A protocol for accessing directory services across multiple platforms. LDAP is a simplified version of Directory Access Protocol (DAP), used to access X.500 directories. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="master key"></A><A NAME="1032598">
|
||||
<A NAME="master_key"></A><A NAME="1032598">
|
||||
<B>master key.</B>
|
||||
</A><A NAME="1032639">
|
||||
A symmetric key used by Certificate Manager to encrypt information. For example, Password Manager uses Certificate Mmanager and your master key to encrypt email passwords, web site passwords, and other stored sensitive information. See also <a href="glossary.html#999604">symmetric encryption</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="master password"></A><A NAME="1032744">
|
||||
<A NAME="master_password"></A><A NAME="1032744">
|
||||
<B>master password.</B>
|
||||
</A><A NAME="1032748">
|
||||
A password used by Certificate Manager to protect the master key and/or private keys stored on a <a href="glossary.html#1028962">security device</a>. Certificate Manager needs to access your private keys, for example, when you sign email messages or use one of your own certificates to identify yourself to a web site. It needs to access your master key when it encrypts or decrypts information on behalf of another application—for example, when Password Manager needs to store or access your email password. You can set or change your master password from the My Certificates tab of the main Certificate Manager window. Each security device requires a separate master password. See also <a href="glossary.html#1015387">private key</a>, <a href="glossary.html#1032598">master key</a>.<P>
|
||||
|
@ -227,7 +227,7 @@ Presentation of an entity as a person or organization that it is not. For exampl
|
|||
The inability, of the sender of a message, to deny having sent the message. A regular hand-written signature provides one form of nonrepudiation. A <a href="glossary.html#1013995">digital signature</a> provides another.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="object signing"></A><A NAME="1014095">
|
||||
<A NAME="object_signing"></A><A NAME="1014095">
|
||||
<B>object signing.</B>
|
||||
</A><A NAME="1014096">
|
||||
A technology that allows software developers to sign Java code, JavaScript scripts, or any kind of file, and that allows users to identify the signers and control access by signed code to local system resources.<P>
|
||||
|
@ -239,87 +239,87 @@ A technology that allows software developers to sign Java code, JavaScript scrip
|
|||
A certificate whose corresponding private key is used to sign objects such as code files. See also <a href="glossary.html#1014095">object signing</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="Online Certificate Status Protocol (OCSP)"></A><A NAME="1029304">
|
||||
<A NAME="Online_Certificate_Status_Protocol_(OCSP)"></A><A NAME="1029304">
|
||||
<B>Online Certificate Status Protocol (OCSP).</B>
|
||||
</A><A NAME="1029312">
|
||||
A set of rules that Certificate Manager follows to perform an online check of a certificate's validity each time the certificate is used. This process involves checking the certificate against a list of valid certificates maintained at a specified web site. Your computer must be online for OCSP to work.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="password-based authentication"></A><A NAME="1014123">
|
||||
<A NAME="password-based_authentication"></A><A NAME="1014123">
|
||||
<B>password-based authentication.</B>
|
||||
</A><A NAME="1014124">
|
||||
Confident identification by means of a name and password. See also <a href="glossary.html#998782">authentication</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="PKCS #11"></A><A NAME="1025194">
|
||||
<A NAME="PKCS_#11"></A><A NAME="1025194">
|
||||
<B>PKCS #11.</B>
|
||||
</A><A NAME="1025195">
|
||||
The public-key cryptography standard that governs security devices such as smart cards. See also <a href="glossary.html#1028962">security device</a>, <a href="glossary.html#1027625">smart card</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="PKCS #11 module"></A><A NAME="1025197">
|
||||
<A NAME="PKCS_#11_module"></A><A NAME="1025197">
|
||||
<B>PKCS #11 module.</B>
|
||||
</A><A NAME="1025271">
|
||||
A program on your computer that manages cryptographic services such as encryption and decryption using the PKCS #11 standard. Also called <I>cryptographic modules</I>, <I>cryptographic service providers,</I> or <I>security modules</I>, PKCS #11 modules control either hardware or software devices. A PKCS #11 module always controls one or more slots, which may be implemented as some form of physical reader (for example, for reading smart cards) or in software. Each slot for a PKCS #11 module can in turn contain a <a href="glossary.html#1028962">security device</a> (also called <I>token</I>)<B>,</B> which is the hardware or software device that provides cryptographic services and stores certificates and keys. Certificate Manager provides two built-in PKCS #11 modules. You may install additional modules on your computer to control smart card readers or other hardware devices.<P>
|
||||
</A>
|
||||
|
||||
|
||||
<A NAME="private key"></A><A NAME="1015387">
|
||||
<A NAME="private_key"></A><A NAME="1015387">
|
||||
<B>private key.</B>
|
||||
</A><A NAME="1015391">
|
||||
One of a pair of keys used in public-key cryptography. The private key is kept secret and is used to decrypt data that has been encrypted with the corresponding public key.<P>
|
||||
</A>
|
||||
|
||||
|
||||
<A NAME="public key"></A><A NAME="1019172">
|
||||
<A NAME="public_key"></A><A NAME="1019172">
|
||||
<B>public key.</B>
|
||||
</A><A NAME="1019173">
|
||||
One of a pair of keys used in public-key cryptography. The public key is distributed freely and published as part of a <a href="glossary.html#1018895">certificate</a>. It is typically used to encrypt data sent to the public key's owner, who then decrypts the data with the corresponding private key.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="public-key cryptography"></A><A NAME="1019178">
|
||||
<A NAME="public-key_cryptography"></A><A NAME="1019178">
|
||||
<B>public-key cryptography.</B>
|
||||
</A><A NAME="1023765">
|
||||
A set of well-established techniques and standards that allow an entity (such as a person, an organization, or hardware such as a router) to verify its identity electronically or to sign and encrypt electronic data. Two keys are involved: a <a href="glossary.html#1019172">public key</a> and a <a href="glossary.html#1015387">private key</a>. The public key is published as part of a <a href="glossary.html#1018895">certificate</a>, which associates that key with a particular identity. The corresponding private key is kept secret. Data encrypted with the public key can be decrypted only with the private key. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="public-key infrastructure (PKI)"></A><A NAME="999412">
|
||||
<A NAME="public-key_infrastructure (PKI)"></A><A NAME="999412">
|
||||
<B>public-key infrastructure (PKI).</B>
|
||||
</A><A NAME="1014263">
|
||||
The standards and services that facilitate the use of public-key cryptography and certificates in a networked environment.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="root CA"></A><A NAME="1015631">
|
||||
<A NAME="root_CA"></A><A NAME="1015631">
|
||||
<B>root CA.</B>
|
||||
</A><A NAME="1015635">
|
||||
The <a href="glossary.html#1020903">certificate authority (CA)</a> with a self-signed certificate at the top of a <a href="glossary.html#1018500">certificate chain</a>. See also <a href="glossary.html#999541">subordinate CA</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="Secure Sockets Layer (SSL)"></A><A NAME="999463">
|
||||
<A NAME="Secure Sockets Layer_(SSL)"></A><A NAME="999463">
|
||||
<B>Secure Sockets Layer (SSL).</B>
|
||||
</A><A NAME="999472">
|
||||
A protocol that allows mutual authentication between a <a href="glossary.html#1029510">client</a> and a <a href="glossary.html#1029749">server</a> for the purpose of establishing an authenticated and encrypted connection. SSL runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network protocols. The new Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL. See also <a href="glossary.html#998782">authentication</a>, <a href="glossary.html#999078">encryption</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="security certificate"></A><A NAME="1028900">
|
||||
<A NAME="security_certificate"></A><A NAME="1028900">
|
||||
<B>security certificate.</B>
|
||||
</A><A NAME="1028904">
|
||||
See <a href="glossary.html#1018895">certificate</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="security device"></A><A NAME="1028962">
|
||||
<A NAME="security_device"></A><A NAME="1028962">
|
||||
<B>security device.</B>
|
||||
</A><A NAME="1028963">
|
||||
A hardware or software device that provides cryptographic services such as encryption and decryption and can store certificates and keys. A smart card is one example of a hardware security device. Personal Security Manager contains its own internal security device, called the <a href="glossary.html#1032045">PSM Private Keys security device</a>, that is implemented in software. Each security device is protected by its own <a href="glossary.html#1032744">master password</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="security module"></A><A NAME="1029083">
|
||||
<A NAME="security_module"></A><A NAME="1029083">
|
||||
<B>security module.</B>
|
||||
</A><A NAME="1029097">
|
||||
See <a href="glossary.html#1025197">PKCS #11 module</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="security token"></A><A NAME="1028905">
|
||||
<A NAME="security_token"></A><A NAME="1028905">
|
||||
<B>security token.</B>
|
||||
</A><A NAME="1028909">
|
||||
See <a href="glossary.html#1028962">security device</a>.<P>
|
||||
|
@ -331,25 +331,25 @@ See <a href="glossary.html#1028962">security device</a>.<P>
|
|||
Software (such as software that serves up web pages) that receives requests from and sends information to a <a href="glossary.html#1029510">client</a>, which is usually running on a different computer. A computer on which server software runs is also described as a server.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="server authentication"></A><A NAME="1031070">
|
||||
<A NAME="server_authentication"></A><A NAME="1031070">
|
||||
<B>server authentication.</B>
|
||||
</A><A NAME="1031080">
|
||||
The process of identifying a <a href="glossary.html#1029749">server</a> to a <a href="glossary.html#1029510">client</a> by using a <a href="glossary.html#1029874">server SSL certificate</a>. See also <a href="glossary.html#1021054">client authentication</a>, <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="server SSL certificate"></A><A NAME="1029874">
|
||||
<A NAME="server_SSL_certificate"></A><A NAME="1029874">
|
||||
<B>server SSL certificate.</B>
|
||||
</A><A NAME="999500">
|
||||
A certificate that a <a href="glossary.html#1029749">server</a> presents to a <a href="glossary.html#1029510">client</a> to authenticate the server's identity using the <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a> protocol.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="signing certificate"></A><A NAME="999493">
|
||||
<A NAME="signing_certificate"></A><A NAME="999493">
|
||||
<B>signing certificate.</B>
|
||||
</A><A NAME="999507">
|
||||
A certificate whose corresponding <a href="glossary.html#1015387">private key</a> is used to sign transmitted data, so that the receiver can verify the identity of the sender. Certificate authorities (CAs) often issue a signing certificate that will be used to sign email messages at the same time as an <a href="glossary.html#1024953">encryption certificate</a> that will be used to encrypt email messages. See also <a href="glossary.html#1020489">dual key pairs</a>, <a href="glossary.html#1013995">digital signature</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="signing key"></A><A NAME="1021282">
|
||||
<A NAME="signing_key"></A><A NAME="1021282">
|
||||
<B>signing key.</B>
|
||||
</A><A NAME="1021283">
|
||||
A private key used for signing only. A signing key and its equivalent public key, together with an <a href="glossary.html#1021254">encryption key</a> and its equivalent public key, constitute <a href="glossary.html#1020489">dual key pairs</a>.<P>
|
||||
|
@ -361,13 +361,13 @@ A private key used for signing only. A signing key and its equivalent public key
|
|||
A piece of hardware, or its equivalent in software, that is controlled by a <a href="glossary.html#1025197">PKCS #11 module</a> and designed to contain a <a href="glossary.html#1028962">security device</a>. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="smart card"></A><A NAME="1027625">
|
||||
<A NAME="smart_card"></A><A NAME="1027625">
|
||||
<B>smart card.</B>
|
||||
</A><A NAME="1027626">
|
||||
A small device, typically about the size of a credit card, that contains a microprocessor and is capable of storing cryptographic information (such as keys and certificates) and performing cryptographic operations. Smart cards use the <a href="glossary.html#1025194">PKCS #11</a> standard. A smart card is one kind of <a href="glossary.html#1028962">security device</a>. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="software security device"></A><A NAME="1032045">
|
||||
<A NAME="software_security_device"></A><A NAME="1032045">
|
||||
<B>software security device.</B>
|
||||
</A><A NAME="1032110">
|
||||
The default <a href="#security device">security device</a> used by Certificate Manager to store private keys associated with your certificates. In addition to private keys, the software security device stores the master key used by Password Manager to encrypt email passwords, web site passwords, and other sensitive information. See also <a href="glossary.html#1015387">private key</a>, <a href="glossary.html#1032598">master key</a>, and <a href="#Password Manager">Password Manager</a><P>
|
||||
|
@ -391,25 +391,25 @@ See <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>. <P>
|
|||
The entity (such as a person, organization, or router) identified by a <a href="glossary.html#1018895">certificate</a>. In particular, the subject field of a certificate contains the certified entity's <a href="glossary.html#1021328">subject name</a> and other characteristics.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="subject name"></A><A NAME="1021328">
|
||||
<A NAME="subject_name"></A><A NAME="1021328">
|
||||
<B>subject name.</B>
|
||||
</A><A NAME="1021338">
|
||||
A <a href="glossary.html#1022191">distinguished name (DN)</a> that uniquely describes the <a href="glossary.html#1013880">subject</a> of a <a href="glossary.html#1018895">certificate</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="subordinate CA"></A><A NAME="999541">
|
||||
<A NAME="subordinate_CA"></A><A NAME="999541">
|
||||
<B>subordinate CA.</B>
|
||||
</A><A NAME="999591">
|
||||
A <a href="glossary.html#1020903">certificate authority (CA)</a> whose certificate is signed by another subordinate CA or by the root CA. See also <a href="glossary.html#1018500">certificate chain</a>, <a href="glossary.html#1015631">root CA</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="symmetric encryption"></A><A NAME="999604">
|
||||
<A NAME="symmetric_encryption"></A><A NAME="999604">
|
||||
<B>symmetric encryption.</B>
|
||||
</A><A NAME="999625">
|
||||
An encryption method that uses a single cryptographic key to both encrypt and decrypt a given message.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="tamper detection"></A><A NAME="999618">
|
||||
<A NAME="tamper_detection"></A><A NAME="999618">
|
||||
<B>tamper detection.</B>
|
||||
</A><A NAME="999631">
|
||||
A mechanism ensuring that data received in electronic form has not been tampered with; that is, that the data received corresponds entirely with the original version of the same data.<P>
|
||||
|
@ -439,10 +439,14 @@ Confident reliance on a person or other entity. In the context of <a href="gloss
|
|||
</dl>
|
||||
|
||||
|
||||
<hr>
|
||||
<p>
|
||||
© Copyright 2001 Netscape Communications Corporation
|
||||
</FONT> </CENTER>
|
||||
[ <A HREF="glossary.html">Return to beginning of Glossary</A> ]
|
||||
</p>
|
||||
|
||||
<hr>
|
||||
<p><i>6/8/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
|
||||
<BR>
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ Assurance that a party to a computerized transaction is not an impostor. Authent
|
|||
See <a href="glossary.html#1020903"></a><a href="glossary.html#1020903">certificate authority (CA)</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="CA certificate"></A><A NAME="1017503">
|
||||
<A NAME="CA_certificate"></A><A NAME="1017503">
|
||||
<B>CA certificate.</B>
|
||||
</A><A NAME="1017507">
|
||||
A certificate that identifies a certificate authority. See also <a href="glossary.html#1020903">certificate authority (CA)</a>, <a href="glossary.html#999541">subordinate CA</a>, <a href="glossary.html#1015631">root CA</a>.<P>
|
||||
|
@ -32,57 +32,57 @@ A certificate that identifies a certificate authority. See also <a href="glossar
|
|||
The digital equivalent of an ID card. A certificate specifies the name of an individual, company, or other entity and certifies that a public key, which is included in the certificate, belongs to that entity. When you digitally sign a message or other data, the digital signature for that message is created with the aid of the private key that corresponds to the public key in your certificate. A certificate is issued and digitally signed by a <a href="glossary.html#1020903">certificate authority (CA)</a>. A certificate's validity can be verified by checking the CA's <a href="glossary.html#1013995">digital signature</a>. Also called digital ID, digital passport, public-key certificate X.509 certificate, and security certificate. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate authority (CA)"></A><A NAME="1020903">
|
||||
<A NAME="certificate_authority_(CA)"></A><A NAME="1020903">
|
||||
<B>certificate authority (CA).</B>
|
||||
</A><A NAME="1020904">
|
||||
A service that issues a certificate after verifying the identity of the person or entity the certificate is intended to identify. A CA also renews and revokes certificates and generates a list of revoked certificates at regular intervals. CAs can be independent vendors (such as the CAs listed at <a href= "https://certs.netscape.com/" TARGET="_blank">Client Certificates</a>) or a person or organization using certificate-issuing server software (such as Netscape Certificate Management System). See also <a href="glossary.html#1018895">certificate</a>, <a href="glossary.html#1019940">certificate revocation list (CRL)</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate backup password"></A><A NAME="1024655">
|
||||
<A NAME="certificate_backup_password"></A><A NAME="1024655">
|
||||
<B>certificate backup password.</B>
|
||||
</A><A NAME="1024670">
|
||||
A password that protects a certificate that you are backing up or have previously backed up. Certificate Manager asks you to set this password when you back up a certificate, and requests it when you attempt to restore a certificate that has previously been backed up. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate-based authentication"></A><A NAME="1018581">
|
||||
<A NAME="certificate-based_authentication"></A><A NAME="1018581">
|
||||
<B>certificate-based authentication.</B>
|
||||
</A><A NAME="1018582">
|
||||
Verification of identity based on certificates and public-key cryptography. See also <a href="glossary.html#1014123">password-based authentication</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate chain"></A><A NAME="1018500">
|
||||
<A NAME="certificate_chain"></A><A NAME="1018500">
|
||||
<B>certificate chain.</B>
|
||||
</A><A NAME="1019929">
|
||||
A hierarchical series of certificates signed by successive certificate authorities. A CA certificate identifies a <a href="glossary.html#1020903">certificate authority (CA)</a> and is used to sign certificates issued by that authority. A CA certificate can in turn be signed by the CA certificate of a parent CA and so on up to a <a href="glossary.html#1015631">root CA</a>. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate fingerprint"></A><A NAME="1020297">
|
||||
<A NAME="certificate_fingerprint"></A><A NAME="1020297">
|
||||
<B>certificate fingerprint.</B>
|
||||
</A><A NAME="1020326">
|
||||
A unique number associated with a certificate. The number is not part of the certificate itself but is produced by applying a mathematical function to the contents of the certificate. If the contents of the certificate change, even by a single character, the function produces a different number. Certificate fingerprints can therefore be used to verify that certificates have not been tampered with.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="Certificate Manager"></A>
|
||||
<A NAME="Certificate_Manager"></A>
|
||||
<B>Certificate Manager</B>
|
||||
</A><A NAME="1020326">
|
||||
The part of the browser that allows you to view and manage certificates. To view the main Certificate Manager window, choose Preferences from the Edit menu, click Privacy/Security, then click Manage Certificates.<P>
|
||||
</A>
|
||||
|
||||
|
||||
<A NAME="certificate renewal"></A><A NAME="1031319">
|
||||
<A NAME="certificate_renewal"></A><A NAME="1031319">
|
||||
<B>certificate renewal.</B>
|
||||
</A><A NAME="1031323">
|
||||
The process of renewing a <a href="glossary.html#1018895">certificate</a> that is about to expire.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="certificate revocation list (CRL)"></A><A NAME="1019940">
|
||||
<A NAME="certificate_revocation_list (CRL)"></A><A NAME="1019940">
|
||||
<B>certificate revocation list (CRL).</B>
|
||||
</A><A NAME="1021047">
|
||||
A list of revoked certificates that is generated and signed by a <a href="glossary.html#1020903">certificate authority (CA)</a>. You can download the latest CRL to your browser or to a server, then check against it to make sure that certificates are still valid before permitting their use for authentication. <P>
|
||||
</A>
|
||||
|
||||
|
||||
<A NAME="certificate verification"></A><A NAME="1025527">
|
||||
<A NAME="certificate_verification"></A><A NAME="1025527">
|
||||
<B>certificate verification.</B>
|
||||
</A><A NAME="1025531">
|
||||
When <a href="#Certificate Manager">Certificate Manager</a> verifies a certificate, it confirms that the digital signature was created by a CA whose own CA certificate is both on file with Certificate Manager and marked as trusted for issuing that kind of certificate. It also confirms that the certificate being verified has not itself been marked as untrusted. Finally, if the <a href="glossary.html#1029304">Online Certificate Status Protocol (OCSP)</a> has been activated, Certificate Manager also performs an on-line check. It does so by looking up the certificate in a list of valid certificates maintained at a URL that is specified either in the certificate itself or in the browser's validation preferences. If any of these checks fail, Certificate Manager marks the certificate as unverified and won't recognize the identity it certifies.<P>
|
||||
|
@ -91,7 +91,7 @@ When <a href="#Certificate Manager">Certificate Manager</a> verifies a certifica
|
|||
<A NAME="cipher"></A><A NAME="1021048">
|
||||
<B>cipher.</B>
|
||||
</A><A NAME="1021052">
|
||||
See <a href="glossary.html#1019976">cryptographic algorithm</a>.<P>
|
||||
See <a href="glossary.html#1019976">cryptographic_algorithm</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="client"></A><A NAME="1029510">
|
||||
|
@ -100,19 +100,19 @@ See <a href="glossary.html#1019976">cryptographic algorithm</a>.<P>
|
|||
Software (such as browser software) that sends requests to and receives information from a <a href="glossary.html#1029749">server</a>, which is usually running on a different computer. A computer on which client software runs is also described as a client.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="client authentication"></A><A NAME="1021054">
|
||||
<A NAME="client_authentication"></A><A NAME="1021054">
|
||||
<B>client authentication.</B>
|
||||
</A><A NAME="1014557">
|
||||
The process of identifying a <a href="glossary.html#1029510">client</a> to a <a href="glossary.html#1029749">server</a>, for example with a name and password or with a <a href="glossary.html#1014561">client SSL certificate</a> and some digitally signed data. See also <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>, <a href="glossary.html#1031070">server authentication</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="client SSL certificate"></A><A NAME="1014561">
|
||||
<A NAME="client_SSL_certificate"></A><A NAME="1014561">
|
||||
<B>client SSL certificate.</B>
|
||||
</A><A NAME="1014562">
|
||||
A certificate that a <a href="glossary.html#1029510">client</a> (such as browser software) presents to a <a href="glossary.html#1029749">server</a> to authenticate the identity of the client (or the identity of the person using the client) using the <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a> protocol. See also <a href="glossary.html#1021054">client authentication</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="cryptographic algorithm"></A><A NAME="1019976">
|
||||
<A NAME="cryptographic_algorithm"></A><A NAME="1019976">
|
||||
<B>cryptographic algorithm.</B>
|
||||
</A><A NAME="1019985">
|
||||
A set of rules or directions used to perform cryptographic operations such as <a href="glossary.html#999078">encryption</a> and <a href="glossary.html#998999">decryption</a>. Sometimes called a <I>cipher.</I><P>
|
||||
|
@ -130,25 +130,25 @@ The art and practice of scrambling (encrypting) and unscrambling (decrypting) in
|
|||
The process of unscrambling data that has been encrypted. See also <a href="glossary.html#999078">encryption</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="digital ID"></A><A NAME="999011">
|
||||
<A NAME="digital_ID"></A><A NAME="999011">
|
||||
<B>digital ID.</B>
|
||||
</A><A NAME="999017">
|
||||
See <a href="glossary.html#1018895">certificate</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="digital signature"></A><A NAME="1013995">
|
||||
<A NAME="digital_signature"></A><A NAME="1013995">
|
||||
<B>digital signature.</B>
|
||||
</A><A NAME="1013996">
|
||||
A code created from both the data to be signed and the private key of the signer. This code is unique for each new piece of data. Even a single comma added to a message changes the digital signature for that message. Successful validation of your digital signature by appropriate software not only provides evidence that you approved the transaction or message, but also provides evidence that the data has not changed since you digitally signed it. A digital signature has nothing to do with a handwritten signature, although it can sometimes be used for similar legal purposes. See also <a href="glossary.html#999248">nonrepudiation</a>, <a href="glossary.html#999618">tamper detection</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="distinguished name (DN)"></A><A NAME="1022191">
|
||||
<A NAME="distinguished_name_(DN)"></A><A NAME="1022191">
|
||||
<B>distinguished name (DN).</B>
|
||||
</A><A NAME="1022194">
|
||||
A specially formatted name that uniquely identifies the subject of a certificate.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="dual key pairs"></A><A NAME="1020489">
|
||||
<A NAME="dual_key_pairs"></A><A NAME="1020489">
|
||||
<B>dual key pairs.</B>
|
||||
</A><A NAME="1020619">
|
||||
Two public-private key pairs--four keys altogether--corresponding to two separate certificates. The private key of one pair is used for signing operations, and the public and private keys of the other pair are used for encryption and decryption operations. Each pair corresponds to a separate <a href="glossary.html#1018895">certificate</a>. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
|
||||
|
@ -166,13 +166,13 @@ Surreptitious interception of information sent over a network by an entity for w
|
|||
The process of scrambling information in a way that disguises its meaning. For example, encrypted connections between computers make it very difficult for third-parties to unscramble, or <I>decrypt,</I> information flowing over the connection. Encrypted information can be decrypted only by someone who possesses the appropriate key. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="encryption certificate"></A><A NAME="1024953">
|
||||
<A NAME="encryption_certificate"></A><A NAME="1024953">
|
||||
<B>encryption certificate.</B>
|
||||
</A><A NAME="1024978">
|
||||
A certificate whose public key corresponds to a private key used for encryption only. Encryption certificates are not used for signing operations. See also <a href="glossary.html#1020489">dual key pairs</a>, <a href="glossary.html#999493">signing certificate</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="encryption key"></A><A NAME="1021254">
|
||||
<A NAME="encryption_key"></A><A NAME="1021254">
|
||||
<B>encryption key.</B>
|
||||
</A><A NAME="1021255">
|
||||
A private key used for encryption only. An encryption key and its equivalent public key, plus a <a href="glossary.html#1021282">signing key</a> and its equivalent public key, constitute a <a href="glossary.html#1020489">dual key pairs</a>.<P>
|
||||
|
@ -184,7 +184,7 @@ A private key used for encryption only. An encryption key and its equivalent pub
|
|||
See <a href="glossary.html#1020297">certificate fingerprint</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="FIPS PUBS 140-1"></A><A NAME="1025742">
|
||||
<A NAME="FIPS_PUBS_140-1"></A><A NAME="1025742">
|
||||
<B>FIPS PUBS 140-1.</B>
|
||||
</A><A NAME="1025743">
|
||||
Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic modules--that is, hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). Many products sold to the US government must comply with one or more of the FIPS standards.<P>
|
||||
|
@ -196,19 +196,19 @@ Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US
|
|||
A large number used by a <a href="glossary.html#1019976">cryptographic algorithm</a> to encrypt or decrypt data. A person's public key, for example, allows other people to encrypt messages to that person. The encrypted messages must be decrypted with the corresponding private key. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="Lightweight Directory Access Protocol (LDAP)"></A><A NAME="1022286">
|
||||
<A NAME="Lightweight_Directory_Access_Protocol_(LDAP)"></A><A NAME="1022286">
|
||||
<B>Lightweight Directory Access Protocol (LDAP).</B>
|
||||
</A><A NAME="1022287">
|
||||
A protocol for accessing directory services across multiple platforms. LDAP is a simplified version of Directory Access Protocol (DAP), used to access X.500 directories. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="master key"></A><A NAME="1032598">
|
||||
<A NAME="master_key"></A><A NAME="1032598">
|
||||
<B>master key.</B>
|
||||
</A><A NAME="1032639">
|
||||
A symmetric key used by Certificate Manager to encrypt information. For example, Password Manager uses Certificate Mmanager and your master key to encrypt email passwords, web site passwords, and other stored sensitive information. See also <a href="glossary.html#999604">symmetric encryption</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="master password"></A><A NAME="1032744">
|
||||
<A NAME="master_password"></A><A NAME="1032744">
|
||||
<B>master password.</B>
|
||||
</A><A NAME="1032748">
|
||||
A password used by Certificate Manager to protect the master key and/or private keys stored on a <a href="glossary.html#1028962">security device</a>. Certificate Manager needs to access your private keys, for example, when you sign email messages or use one of your own certificates to identify yourself to a web site. It needs to access your master key when it encrypts or decrypts information on behalf of another application—for example, when Password Manager needs to store or access your email password. You can set or change your master password from the My Certificates tab of the main Certificate Manager window. Each security device requires a separate master password. See also <a href="glossary.html#1015387">private key</a>, <a href="glossary.html#1032598">master key</a>.<P>
|
||||
|
@ -227,7 +227,7 @@ Presentation of an entity as a person or organization that it is not. For exampl
|
|||
The inability, of the sender of a message, to deny having sent the message. A regular hand-written signature provides one form of nonrepudiation. A <a href="glossary.html#1013995">digital signature</a> provides another.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="object signing"></A><A NAME="1014095">
|
||||
<A NAME="object_signing"></A><A NAME="1014095">
|
||||
<B>object signing.</B>
|
||||
</A><A NAME="1014096">
|
||||
A technology that allows software developers to sign Java code, JavaScript scripts, or any kind of file, and that allows users to identify the signers and control access by signed code to local system resources.<P>
|
||||
|
@ -239,87 +239,87 @@ A technology that allows software developers to sign Java code, JavaScript scrip
|
|||
A certificate whose corresponding private key is used to sign objects such as code files. See also <a href="glossary.html#1014095">object signing</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="Online Certificate Status Protocol (OCSP)"></A><A NAME="1029304">
|
||||
<A NAME="Online_Certificate_Status_Protocol_(OCSP)"></A><A NAME="1029304">
|
||||
<B>Online Certificate Status Protocol (OCSP).</B>
|
||||
</A><A NAME="1029312">
|
||||
A set of rules that Certificate Manager follows to perform an online check of a certificate's validity each time the certificate is used. This process involves checking the certificate against a list of valid certificates maintained at a specified web site. Your computer must be online for OCSP to work.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="password-based authentication"></A><A NAME="1014123">
|
||||
<A NAME="password-based_authentication"></A><A NAME="1014123">
|
||||
<B>password-based authentication.</B>
|
||||
</A><A NAME="1014124">
|
||||
Confident identification by means of a name and password. See also <a href="glossary.html#998782">authentication</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="PKCS #11"></A><A NAME="1025194">
|
||||
<A NAME="PKCS_#11"></A><A NAME="1025194">
|
||||
<B>PKCS #11.</B>
|
||||
</A><A NAME="1025195">
|
||||
The public-key cryptography standard that governs security devices such as smart cards. See also <a href="glossary.html#1028962">security device</a>, <a href="glossary.html#1027625">smart card</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="PKCS #11 module"></A><A NAME="1025197">
|
||||
<A NAME="PKCS_#11_module"></A><A NAME="1025197">
|
||||
<B>PKCS #11 module.</B>
|
||||
</A><A NAME="1025271">
|
||||
A program on your computer that manages cryptographic services such as encryption and decryption using the PKCS #11 standard. Also called <I>cryptographic modules</I>, <I>cryptographic service providers,</I> or <I>security modules</I>, PKCS #11 modules control either hardware or software devices. A PKCS #11 module always controls one or more slots, which may be implemented as some form of physical reader (for example, for reading smart cards) or in software. Each slot for a PKCS #11 module can in turn contain a <a href="glossary.html#1028962">security device</a> (also called <I>token</I>)<B>,</B> which is the hardware or software device that provides cryptographic services and stores certificates and keys. Certificate Manager provides two built-in PKCS #11 modules. You may install additional modules on your computer to control smart card readers or other hardware devices.<P>
|
||||
</A>
|
||||
|
||||
|
||||
<A NAME="private key"></A><A NAME="1015387">
|
||||
<A NAME="private_key"></A><A NAME="1015387">
|
||||
<B>private key.</B>
|
||||
</A><A NAME="1015391">
|
||||
One of a pair of keys used in public-key cryptography. The private key is kept secret and is used to decrypt data that has been encrypted with the corresponding public key.<P>
|
||||
</A>
|
||||
|
||||
|
||||
<A NAME="public key"></A><A NAME="1019172">
|
||||
<A NAME="public_key"></A><A NAME="1019172">
|
||||
<B>public key.</B>
|
||||
</A><A NAME="1019173">
|
||||
One of a pair of keys used in public-key cryptography. The public key is distributed freely and published as part of a <a href="glossary.html#1018895">certificate</a>. It is typically used to encrypt data sent to the public key's owner, who then decrypts the data with the corresponding private key.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="public-key cryptography"></A><A NAME="1019178">
|
||||
<A NAME="public-key_cryptography"></A><A NAME="1019178">
|
||||
<B>public-key cryptography.</B>
|
||||
</A><A NAME="1023765">
|
||||
A set of well-established techniques and standards that allow an entity (such as a person, an organization, or hardware such as a router) to verify its identity electronically or to sign and encrypt electronic data. Two keys are involved: a <a href="glossary.html#1019172">public key</a> and a <a href="glossary.html#1015387">private key</a>. The public key is published as part of a <a href="glossary.html#1018895">certificate</a>, which associates that key with a particular identity. The corresponding private key is kept secret. Data encrypted with the public key can be decrypted only with the private key. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="public-key infrastructure (PKI)"></A><A NAME="999412">
|
||||
<A NAME="public-key_infrastructure (PKI)"></A><A NAME="999412">
|
||||
<B>public-key infrastructure (PKI).</B>
|
||||
</A><A NAME="1014263">
|
||||
The standards and services that facilitate the use of public-key cryptography and certificates in a networked environment.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="root CA"></A><A NAME="1015631">
|
||||
<A NAME="root_CA"></A><A NAME="1015631">
|
||||
<B>root CA.</B>
|
||||
</A><A NAME="1015635">
|
||||
The <a href="glossary.html#1020903">certificate authority (CA)</a> with a self-signed certificate at the top of a <a href="glossary.html#1018500">certificate chain</a>. See also <a href="glossary.html#999541">subordinate CA</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="Secure Sockets Layer (SSL)"></A><A NAME="999463">
|
||||
<A NAME="Secure Sockets Layer_(SSL)"></A><A NAME="999463">
|
||||
<B>Secure Sockets Layer (SSL).</B>
|
||||
</A><A NAME="999472">
|
||||
A protocol that allows mutual authentication between a <a href="glossary.html#1029510">client</a> and a <a href="glossary.html#1029749">server</a> for the purpose of establishing an authenticated and encrypted connection. SSL runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network protocols. The new Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL. See also <a href="glossary.html#998782">authentication</a>, <a href="glossary.html#999078">encryption</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="security certificate"></A><A NAME="1028900">
|
||||
<A NAME="security_certificate"></A><A NAME="1028900">
|
||||
<B>security certificate.</B>
|
||||
</A><A NAME="1028904">
|
||||
See <a href="glossary.html#1018895">certificate</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="security device"></A><A NAME="1028962">
|
||||
<A NAME="security_device"></A><A NAME="1028962">
|
||||
<B>security device.</B>
|
||||
</A><A NAME="1028963">
|
||||
A hardware or software device that provides cryptographic services such as encryption and decryption and can store certificates and keys. A smart card is one example of a hardware security device. Personal Security Manager contains its own internal security device, called the <a href="glossary.html#1032045">PSM Private Keys security device</a>, that is implemented in software. Each security device is protected by its own <a href="glossary.html#1032744">master password</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="security module"></A><A NAME="1029083">
|
||||
<A NAME="security_module"></A><A NAME="1029083">
|
||||
<B>security module.</B>
|
||||
</A><A NAME="1029097">
|
||||
See <a href="glossary.html#1025197">PKCS #11 module</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="security token"></A><A NAME="1028905">
|
||||
<A NAME="security_token"></A><A NAME="1028905">
|
||||
<B>security token.</B>
|
||||
</A><A NAME="1028909">
|
||||
See <a href="glossary.html#1028962">security device</a>.<P>
|
||||
|
@ -331,25 +331,25 @@ See <a href="glossary.html#1028962">security device</a>.<P>
|
|||
Software (such as software that serves up web pages) that receives requests from and sends information to a <a href="glossary.html#1029510">client</a>, which is usually running on a different computer. A computer on which server software runs is also described as a server.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="server authentication"></A><A NAME="1031070">
|
||||
<A NAME="server_authentication"></A><A NAME="1031070">
|
||||
<B>server authentication.</B>
|
||||
</A><A NAME="1031080">
|
||||
The process of identifying a <a href="glossary.html#1029749">server</a> to a <a href="glossary.html#1029510">client</a> by using a <a href="glossary.html#1029874">server SSL certificate</a>. See also <a href="glossary.html#1021054">client authentication</a>, <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="server SSL certificate"></A><A NAME="1029874">
|
||||
<A NAME="server_SSL_certificate"></A><A NAME="1029874">
|
||||
<B>server SSL certificate.</B>
|
||||
</A><A NAME="999500">
|
||||
A certificate that a <a href="glossary.html#1029749">server</a> presents to a <a href="glossary.html#1029510">client</a> to authenticate the server's identity using the <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a> protocol.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="signing certificate"></A><A NAME="999493">
|
||||
<A NAME="signing_certificate"></A><A NAME="999493">
|
||||
<B>signing certificate.</B>
|
||||
</A><A NAME="999507">
|
||||
A certificate whose corresponding <a href="glossary.html#1015387">private key</a> is used to sign transmitted data, so that the receiver can verify the identity of the sender. Certificate authorities (CAs) often issue a signing certificate that will be used to sign email messages at the same time as an <a href="glossary.html#1024953">encryption certificate</a> that will be used to encrypt email messages. See also <a href="glossary.html#1020489">dual key pairs</a>, <a href="glossary.html#1013995">digital signature</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="signing key"></A><A NAME="1021282">
|
||||
<A NAME="signing_key"></A><A NAME="1021282">
|
||||
<B>signing key.</B>
|
||||
</A><A NAME="1021283">
|
||||
A private key used for signing only. A signing key and its equivalent public key, together with an <a href="glossary.html#1021254">encryption key</a> and its equivalent public key, constitute <a href="glossary.html#1020489">dual key pairs</a>.<P>
|
||||
|
@ -361,13 +361,13 @@ A private key used for signing only. A signing key and its equivalent public key
|
|||
A piece of hardware, or its equivalent in software, that is controlled by a <a href="glossary.html#1025197">PKCS #11 module</a> and designed to contain a <a href="glossary.html#1028962">security device</a>. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="smart card"></A><A NAME="1027625">
|
||||
<A NAME="smart_card"></A><A NAME="1027625">
|
||||
<B>smart card.</B>
|
||||
</A><A NAME="1027626">
|
||||
A small device, typically about the size of a credit card, that contains a microprocessor and is capable of storing cryptographic information (such as keys and certificates) and performing cryptographic operations. Smart cards use the <a href="glossary.html#1025194">PKCS #11</a> standard. A smart card is one kind of <a href="glossary.html#1028962">security device</a>. <P>
|
||||
</A>
|
||||
|
||||
<A NAME="software security device"></A><A NAME="1032045">
|
||||
<A NAME="software_security_device"></A><A NAME="1032045">
|
||||
<B>software security device.</B>
|
||||
</A><A NAME="1032110">
|
||||
The default <a href="#security device">security device</a> used by Certificate Manager to store private keys associated with your certificates. In addition to private keys, the software security device stores the master key used by Password Manager to encrypt email passwords, web site passwords, and other sensitive information. See also <a href="glossary.html#1015387">private key</a>, <a href="glossary.html#1032598">master key</a>, and <a href="#Password Manager">Password Manager</a><P>
|
||||
|
@ -391,25 +391,25 @@ See <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>. <P>
|
|||
The entity (such as a person, organization, or router) identified by a <a href="glossary.html#1018895">certificate</a>. In particular, the subject field of a certificate contains the certified entity's <a href="glossary.html#1021328">subject name</a> and other characteristics.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="subject name"></A><A NAME="1021328">
|
||||
<A NAME="subject_name"></A><A NAME="1021328">
|
||||
<B>subject name.</B>
|
||||
</A><A NAME="1021338">
|
||||
A <a href="glossary.html#1022191">distinguished name (DN)</a> that uniquely describes the <a href="glossary.html#1013880">subject</a> of a <a href="glossary.html#1018895">certificate</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="subordinate CA"></A><A NAME="999541">
|
||||
<A NAME="subordinate_CA"></A><A NAME="999541">
|
||||
<B>subordinate CA.</B>
|
||||
</A><A NAME="999591">
|
||||
A <a href="glossary.html#1020903">certificate authority (CA)</a> whose certificate is signed by another subordinate CA or by the root CA. See also <a href="glossary.html#1018500">certificate chain</a>, <a href="glossary.html#1015631">root CA</a>.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="symmetric encryption"></A><A NAME="999604">
|
||||
<A NAME="symmetric_encryption"></A><A NAME="999604">
|
||||
<B>symmetric encryption.</B>
|
||||
</A><A NAME="999625">
|
||||
An encryption method that uses a single cryptographic key to both encrypt and decrypt a given message.<P>
|
||||
</A>
|
||||
|
||||
<A NAME="tamper detection"></A><A NAME="999618">
|
||||
<A NAME="tamper_detection"></A><A NAME="999618">
|
||||
<B>tamper detection.</B>
|
||||
</A><A NAME="999631">
|
||||
A mechanism ensuring that data received in electronic form has not been tampered with; that is, that the data received corresponds entirely with the original version of the same data.<P>
|
||||
|
@ -439,10 +439,14 @@ Confident reliance on a person or other entity. In the context of <a href="gloss
|
|||
</dl>
|
||||
|
||||
|
||||
<hr>
|
||||
<p>
|
||||
© Copyright 2001 Netscape Communications Corporation
|
||||
</FONT> </CENTER>
|
||||
[ <A HREF="glossary.html">Return to beginning of Glossary</A> ]
|
||||
</p>
|
||||
|
||||
<hr>
|
||||
<p><i>6/8/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
|
||||
<BR>
|
||||
|
||||
|
|
|
@ -47,7 +47,7 @@
|
|||
|
||||
<p>For improved protection, you may want to protect the file with encryption. Encryption makes it nearly impossible for an unauthorized person to view your stored sensitive information.
|
||||
|
||||
<p>To turn on encryption for sensitive information stored on your computer, select the checkbox in the Passwords panel labeled "Use encryption when storing sensitive data." If you have not previously set a <a href="glossary.html#master password">master password</a>, you will be asked to create one. To do so, follow the instructions as they appear on your screen. For an overview of the steps involved, see <a href="using_priv_help.html#using_encrypt">Encrypting Stored Sensitive Information</a>.
|
||||
<p>To turn on encryption for sensitive information stored on your computer, select the checkbox in the Passwords panel labeled "Use encryption when storing sensitive data." If you have not previously set a <a href="glossary.html#master_password">master password</a>, you will be asked to create one. To do so, follow the instructions as they appear on your screen. For an overview of the steps involved, see <a href="using_priv_help.html#using_encrypt">Encrypting Stored Sensitive Information</a>.
|
||||
|
||||
<p>To turn off encryption for sensitive information, so that it is obscured but not encrypted, deselect the checkbox.
|
||||
|
||||
|
|
|
@ -47,7 +47,7 @@
|
|||
|
||||
<p>For improved protection, you may want to protect the file with encryption. Encryption makes it nearly impossible for an unauthorized person to view your stored sensitive information.
|
||||
|
||||
<p>To turn on encryption for sensitive information stored on your computer, select the checkbox in the Passwords panel labeled "Use encryption when storing sensitive data." If you have not previously set a <a href="glossary.html#master password">master password</a>, you will be asked to create one. To do so, follow the instructions as they appear on your screen. For an overview of the steps involved, see <a href="using_priv_help.html#using_encrypt">Encrypting Stored Sensitive Information</a>.
|
||||
<p>To turn on encryption for sensitive information stored on your computer, select the checkbox in the Passwords panel labeled "Use encryption when storing sensitive data." If you have not previously set a <a href="glossary.html#master_password">master password</a>, you will be asked to create one. To do so, follow the instructions as they appear on your screen. For an overview of the steps involved, see <a href="using_priv_help.html#using_encrypt">Encrypting Stored Sensitive Information</a>.
|
||||
|
||||
<p>To turn off encryption for sensitive information, so that it is obscured but not encrypted, deselect the checkbox.
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Privacy on the Internet</title>
|
||||
<title>Using Privacy Features</title>
|
||||
|
||||
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
|
||||
|
||||
|
@ -8,17 +8,37 @@
|
|||
|
||||
<body bgcolor="white">
|
||||
|
||||
<a NAME="using_maintain"></a>
|
||||
<hr><h1>Using Privacy Features</h1>
|
||||
|
||||
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, information moves back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
|
||||
|
||||
<p>Fortunately, your browser contains features that safeguard security. For background information about privacy on the Internet, click the first topic below. For instructions on using specific browser features that help protect your privacy, click the topic for the feature you want to use.</p>
|
||||
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissections">
|
||||
<p>Privacy Topics:</p>
|
||||
<p><a href="#sec-maintain">Privacy on the Internet</a></p>
|
||||
<p><a href="using_priv_help.html#using_cookies">Using the Cookie Manager</a></p>
|
||||
<p><a href="using_priv_help.html#using_password">Using the Password Manager</a></p>
|
||||
<p><a href="using_priv_help.html#using_forms">Using the Form Manager</a></p>
|
||||
<p><a href="using_priv_help.html#using_encrypt">Encrypting Stored Sensitive Information</a></p>
|
||||
</td>
|
||||
</table>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="sec_maintain"></a>
|
||||
<h1>Privacy on the Internet</h1>
|
||||
<hr><h1>Privacy on the Internet</h1>
|
||||
|
||||
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, communications move back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
|
||||
|
||||
<p>This document provides some background information about privacy on the Internet. It also describes several things you can do to safeguard your own privacy. Click any of the links below to learn more.</p>
|
||||
<p>This section summarizes some background information about privacy on the Internet. It also describes several things you can do to safeguard your own privacy. Click any of the links below to learn more.</p>
|
||||
|
||||
<p>In addition to the information in this document, you can always find the latest news about security at Netscape's <a href="http://home.netscape.com/security/index.html" target="_blank">Security Center</a>. For more information about privacy and security, including information about viruses, secure email, safe online shopping and banking, and safe surfing for children, see
|
||||
<a href="http://home.netscape.com/security/basics/index.html?cp=sciln" target="_blank">Understanding Security</a>, a document located at the Security Center.
|
||||
|
||||
<p>For the quickest introduction to privacy issues, see the <a href="chrome://communicator/locale/wallet/privacy.html">Privacy Tutorial</a>.
|
||||
<p>For a more detailed discussion of privacy issues, see the <a href="chrome://communicator/locale/wallet/privacy.html">Privacy Tutorial</a>.
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
|
@ -55,7 +75,7 @@
|
|||
|
||||
<p>A web page <b>can't</b> find out your e-mail address, name, or any
|
||||
other personal information unless you explicity provide it.
|
||||
You are in control---nobody can obtain personal information about
|
||||
You are in control—nobody can obtain personal information about
|
||||
you unless you allow it.
|
||||
|
||||
|
||||
|
@ -63,7 +83,7 @@ you unless you allow it.
|
|||
<a NAME="privacy_visit"></a>
|
||||
<h2>What Information Does My Browser Give to a Web Site?</h2>
|
||||
|
||||
<p>When you request to view a web page from a site---which you do each time you click a link or type a URL---a small amount of information is given to the site. This information includes your operating environment, your Internet address (<i>not</i> your email address), and the page you're coming from.
|
||||
<p>When you ask to view a web page from a site—which you do each time you click a link or type a URL—a small amount of information is given to the site. This information includes your operating environment, your Internet address (<i>not</i> your email address), and the page you're coming from.
|
||||
|
||||
<p><b>Operating Environment</b>
|
||||
|
||||
|
@ -179,8 +199,8 @@ you want your browser to accept.
|
|||
<li>How do I contact the web site if I have questions or problems?
|
||||
</ul>
|
||||
|
||||
|
||||
<p> </p>
|
||||
|
||||
<a NAME="privacy_anon"></a>
|
||||
<h2>Browsing Anonymously</h2>
|
||||
<p> </p>
|
||||
|
@ -210,7 +230,7 @@ search engine to find them---try search words such as "anonymous" and
|
|||
|
||||
<hr>
|
||||
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/7/2001</i></p>
|
||||
|
||||
<hr>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Privacy on the Internet</title>
|
||||
<title>Using Privacy Features</title>
|
||||
|
||||
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
|
||||
|
||||
|
@ -8,17 +8,37 @@
|
|||
|
||||
<body bgcolor="white">
|
||||
|
||||
<a NAME="using_maintain"></a>
|
||||
<hr><h1>Using Privacy Features</h1>
|
||||
|
||||
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, information moves back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
|
||||
|
||||
<p>Fortunately, your browser contains features that safeguard security. For background information about privacy on the Internet, click the first topic below. For instructions on using specific browser features that help protect your privacy, click the topic for the feature you want to use.</p>
|
||||
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissections">
|
||||
<p>Privacy Topics:</p>
|
||||
<p><a href="#sec-maintain">Privacy on the Internet</a></p>
|
||||
<p><a href="using_priv_help.html#using_cookies">Using the Cookie Manager</a></p>
|
||||
<p><a href="using_priv_help.html#using_password">Using the Password Manager</a></p>
|
||||
<p><a href="using_priv_help.html#using_forms">Using the Form Manager</a></p>
|
||||
<p><a href="using_priv_help.html#using_encrypt">Encrypting Stored Sensitive Information</a></p>
|
||||
</td>
|
||||
</table>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="sec_maintain"></a>
|
||||
<h1>Privacy on the Internet</h1>
|
||||
<hr><h1>Privacy on the Internet</h1>
|
||||
|
||||
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, communications move back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
|
||||
|
||||
<p>This document provides some background information about privacy on the Internet. It also describes several things you can do to safeguard your own privacy. Click any of the links below to learn more.</p>
|
||||
<p>This section summarizes some background information about privacy on the Internet. It also describes several things you can do to safeguard your own privacy. Click any of the links below to learn more.</p>
|
||||
|
||||
<p>In addition to the information in this document, you can always find the latest news about security at Netscape's <a href="http://home.netscape.com/security/index.html" target="_blank">Security Center</a>. For more information about privacy and security, including information about viruses, secure email, safe online shopping and banking, and safe surfing for children, see
|
||||
<a href="http://home.netscape.com/security/basics/index.html?cp=sciln" target="_blank">Understanding Security</a>, a document located at the Security Center.
|
||||
|
||||
<p>For the quickest introduction to privacy issues, see the <a href="chrome://communicator/locale/wallet/privacy.html">Privacy Tutorial</a>.
|
||||
<p>For a more detailed discussion of privacy issues, see the <a href="chrome://communicator/locale/wallet/privacy.html">Privacy Tutorial</a>.
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
|
@ -55,7 +75,7 @@
|
|||
|
||||
<p>A web page <b>can't</b> find out your e-mail address, name, or any
|
||||
other personal information unless you explicity provide it.
|
||||
You are in control---nobody can obtain personal information about
|
||||
You are in control—nobody can obtain personal information about
|
||||
you unless you allow it.
|
||||
|
||||
|
||||
|
@ -63,7 +83,7 @@ you unless you allow it.
|
|||
<a NAME="privacy_visit"></a>
|
||||
<h2>What Information Does My Browser Give to a Web Site?</h2>
|
||||
|
||||
<p>When you request to view a web page from a site---which you do each time you click a link or type a URL---a small amount of information is given to the site. This information includes your operating environment, your Internet address (<i>not</i> your email address), and the page you're coming from.
|
||||
<p>When you ask to view a web page from a site—which you do each time you click a link or type a URL—a small amount of information is given to the site. This information includes your operating environment, your Internet address (<i>not</i> your email address), and the page you're coming from.
|
||||
|
||||
<p><b>Operating Environment</b>
|
||||
|
||||
|
@ -179,8 +199,8 @@ you want your browser to accept.
|
|||
<li>How do I contact the web site if I have questions or problems?
|
||||
</ul>
|
||||
|
||||
|
||||
<p> </p>
|
||||
|
||||
<a NAME="privacy_anon"></a>
|
||||
<h2>Browsing Anonymously</h2>
|
||||
<p> </p>
|
||||
|
@ -210,7 +230,7 @@ search engine to find them---try search words such as "anonymous" and
|
|||
|
||||
<hr>
|
||||
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/7/2001</i></p>
|
||||
|
||||
<hr>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
|
|
@ -14,37 +14,21 @@
|
|||
<p>This section describes how to modify the Privacy and Security preferences. To access them, follow these steps:
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Click the Privacy and Security category. If no subcategories are visible, click its triangle to expand the list, then click the name for the preferences you want to view or change.
|
||||
<li>Click the Privacy and Security category. If no subcategories are visible, click to expand the list, then click the name for the preferences you want to view or change.
|
||||
</ol>
|
||||
|
||||
<p>For help with a panel's settings, click the Help button at the bottom of that panel.
|
||||
|
||||
<p>For help with the top-level Privacy and Security panel, keep reading.
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Reset_Settings"></a>
|
||||
<h3>Reset Preferences</h3>
|
||||
<h2>Reset Preferences</h2>
|
||||
|
||||
<p>To set all the Privacy and Security settings back to their default values, click Reset Preferences.
|
||||
<p>To set all the Privacy and Security settings back to their default values, click Reset Preferences in the top-level Privacy and Security panel.
|
||||
|
||||
<a NAME="Manage_Certificates"></a>
|
||||
<h3>Manage Certificates</h3>
|
||||
|
||||
<p>Certificates are the digital equipvalent of ID cards--they help other people
|
||||
identify you, and they help you identify other people, web sites, and organizations.
|
||||
|
||||
<p>To examine or configure the certificates you have on file, click Manage Certificates.
|
||||
|
||||
<a NAME="Manage_Security_Devices"></a>
|
||||
<h3>Manage Security Devices</h3>
|
||||
|
||||
<p>A security device is a hardware or software device that stores your certificates and keys.
|
||||
For example, a smart card is a security device. Netscape 6 has its own built-in software
|
||||
security device, and you can use additional security devices, such as smart cards, at the same time.
|
||||
|
||||
<p>To examine or configure your security devices, click Manage Security Devices.
|
||||
|
||||
<hr>
|
||||
<p><i>3/22/2001</i></p>
|
||||
<p><i>5/31/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
|
@ -14,37 +14,21 @@
|
|||
<p>This section describes how to modify the Privacy and Security preferences. To access them, follow these steps:
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Click the Privacy and Security category. If no subcategories are visible, click its triangle to expand the list, then click the name for the preferences you want to view or change.
|
||||
<li>Click the Privacy and Security category. If no subcategories are visible, click to expand the list, then click the name for the preferences you want to view or change.
|
||||
</ol>
|
||||
|
||||
<p>For help with a panel's settings, click the Help button at the bottom of that panel.
|
||||
|
||||
<p>For help with the top-level Privacy and Security panel, keep reading.
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Reset_Settings"></a>
|
||||
<h3>Reset Preferences</h3>
|
||||
<h2>Reset Preferences</h2>
|
||||
|
||||
<p>To set all the Privacy and Security settings back to their default values, click Reset Preferences.
|
||||
<p>To set all the Privacy and Security settings back to their default values, click Reset Preferences in the top-level Privacy and Security panel.
|
||||
|
||||
<a NAME="Manage_Certificates"></a>
|
||||
<h3>Manage Certificates</h3>
|
||||
|
||||
<p>Certificates are the digital equipvalent of ID cards--they help other people
|
||||
identify you, and they help you identify other people, web sites, and organizations.
|
||||
|
||||
<p>To examine or configure the certificates you have on file, click Manage Certificates.
|
||||
|
||||
<a NAME="Manage_Security_Devices"></a>
|
||||
<h3>Manage Security Devices</h3>
|
||||
|
||||
<p>A security device is a hardware or software device that stores your certificates and keys.
|
||||
For example, a smart card is a security device. Netscape 6 has its own built-in software
|
||||
security device, and you can use additional security devices, such as smart cards, at the same time.
|
||||
|
||||
<p>To examine or configure your security devices, click Manage Security Devices.
|
||||
|
||||
<hr>
|
||||
<p><i>3/22/2001</i></p>
|
||||
<p><i>5/31/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
|
@ -9,29 +9,19 @@
|
|||
<body bgcolor="white">
|
||||
|
||||
<a NAME="ssl_first"></a>
|
||||
<h2>SSL Settings</h2>
|
||||
<h1>SSL Settings</h1>
|
||||
<p>This section describes how to use the SSL Settings panel. If you are not already viewing the panel, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose SSL. (If no options are visible under Privacy and Security, click its triangle to expand the list.)
|
||||
<li>Under the Privacy and Security category, choose SSL. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#SSL_Protocol_Versions">SSL Protocol Versions</a></p>
|
||||
<p><a href="#SSL_Warnings">SSL Warnings</a></p>
|
||||
<p><a href="#Client_Certificate_Selection">Client Certificate Selection</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a NAME="SSL_Protocol_Versions"></a>
|
||||
<h3>SSL Protocol Versions</h3>
|
||||
<h2>SSL Protocol Versions</h2>
|
||||
|
||||
|
||||
<p>The Secure Sockets Layer (SSL) protocol defines rules governing mutual authentication
|
||||
|
@ -46,7 +36,7 @@ selected to ensure that both older and newer web servers can work with Certifica
|
|||
|
||||
<p> </p>
|
||||
<a NAME="SSL_Warnings"></a>
|
||||
<h3>SSL Warnings</h3>
|
||||
<h2>SSL Warnings</h2>
|
||||
|
||||
<p>It's easy to tell when the web site you are viewing is using an encrypted connection.
|
||||
If the connection is encrypted, the lock icon in the lower-right corner of the Navigator
|
||||
|
@ -72,17 +62,6 @@ information to a web site that doesn't provide an encrypted connection, select
|
|||
even if you don't want any of the others.
|
||||
</ul>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Client_Certificate_Selection"></a>
|
||||
<h3>Client Certificate Selection</h3>
|
||||
|
||||
<p>You can decide how Navigator selects a certificate from among those you have on file to identify you to a web site:
|
||||
<ul>
|
||||
<LI>If you want Navigator to choose a certificate without asking you, click
|
||||
Select Automatically. This is usually the preferred setting.
|
||||
<LI>If you want Navigator to ask you to select a certificate each time a web site
|
||||
requests one, click Select Manually.
|
||||
</ul>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#ssl_first">Return to beginning of SSL Settings section</A> ]
|
||||
|
|
|
@ -9,29 +9,19 @@
|
|||
<body bgcolor="white">
|
||||
|
||||
<a NAME="ssl_first"></a>
|
||||
<h2>SSL Settings</h2>
|
||||
<h1>SSL Settings</h1>
|
||||
<p>This section describes how to use the SSL Settings panel. If you are not already viewing the panel, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose SSL. (If no options are visible under Privacy and Security, click its triangle to expand the list.)
|
||||
<li>Under the Privacy and Security category, choose SSL. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#SSL_Protocol_Versions">SSL Protocol Versions</a></p>
|
||||
<p><a href="#SSL_Warnings">SSL Warnings</a></p>
|
||||
<p><a href="#Client_Certificate_Selection">Client Certificate Selection</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a NAME="SSL_Protocol_Versions"></a>
|
||||
<h3>SSL Protocol Versions</h3>
|
||||
<h2>SSL Protocol Versions</h2>
|
||||
|
||||
|
||||
<p>The Secure Sockets Layer (SSL) protocol defines rules governing mutual authentication
|
||||
|
@ -46,7 +36,7 @@ selected to ensure that both older and newer web servers can work with Certifica
|
|||
|
||||
<p> </p>
|
||||
<a NAME="SSL_Warnings"></a>
|
||||
<h3>SSL Warnings</h3>
|
||||
<h2>SSL Warnings</h2>
|
||||
|
||||
<p>It's easy to tell when the web site you are viewing is using an encrypted connection.
|
||||
If the connection is encrypted, the lock icon in the lower-right corner of the Navigator
|
||||
|
@ -72,17 +62,6 @@ information to a web site that doesn't provide an encrypted connection, select
|
|||
even if you don't want any of the others.
|
||||
</ul>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="Client_Certificate_Selection"></a>
|
||||
<h3>Client Certificate Selection</h3>
|
||||
|
||||
<p>You can decide how Navigator selects a certificate from among those you have on file to identify you to a web site:
|
||||
<ul>
|
||||
<LI>If you want Navigator to choose a certificate without asking you, click
|
||||
Select Automatically. This is usually the preferred setting.
|
||||
<LI>If you want Navigator to ask you to select a certificate each time a web site
|
||||
requests one, click Select Manually.
|
||||
</ul>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#ssl_first">Return to beginning of SSL Settings section</A> ]
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
<a NAME="cert_dialog_help_first"></a>
|
||||
<h1>SSL Page Info</h1>
|
||||
|
||||
<p>When you choose Page Info from the View menu, you see information about authentication and encryption for the web page you are viewing.
|
||||
<p>When you choose Page Info from the View menu and click the Security tab, you see information about authentication and encryption for the web page you are viewing.
|
||||
|
||||
<p>Click the Help button in the Page Info window to see the additional information given here about each combination you may encounter. </P></A>
|
||||
|
||||
|
@ -150,7 +150,7 @@ why the web site's certificate is invalid:
|
|||
|
||||
|
||||
<hr>
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/5/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
|
@ -9,21 +9,13 @@
|
|||
<body bgcolor="white">
|
||||
|
||||
<a NAME="using_certs_first"></a>
|
||||
<h1>Using Certificates</h1>
|
||||
<hr><h1>Using Certificates</h1>
|
||||
|
||||
<p>A certificate is the digital equivalent of an ID card. Just as you may have several ID cards for different purposes, such as a driver's license, an employee ID card, or a credit card, you can have several different certificates that identify you for different purposes.</p>
|
||||
|
||||
<P>This section describes how to use the Certificate Manager to work with the certificates you have on file. To open the Certificate Manager, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Click Privacy and Security.
|
||||
<li>Click Manage Certificates.
|
||||
</ol>
|
||||
|
||||
<p>When you are using Certificate Manager windows, you can obtain more detailed instructions by clicking the Help button in the lower-right corner of each window.</P>
|
||||
|
||||
<P>This section describes how to perform operations related to certificates.
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
|
@ -41,9 +33,9 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_get"></a>
|
||||
<h2>Get Your Own Certificate</h2>
|
||||
<hr><h1>Get Your Own Certificate</h1>
|
||||
|
||||
<P>Much like a credit card or a driver's license, a certificate is a form of identification you can use to identify yourself over the Internet and other networks. Like other commonly used personal IDs, a certificate is typically issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a certificate authority (CA).
|
||||
<P>Much like a credit card or a driver's license, a certificate is a form of identification you can use to identify yourself over the Internet and other networks. Like other commonly used personal IDs, a certificate is typically issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a <b>certificate authority (CA).</b>
|
||||
|
||||
<p>You can obtain certificates that identify you from public CAs, from system administrators or special CAs within your organization, or from web sites offering specialized services that require a means of identification more reliable that your name and password.
|
||||
|
||||
|
@ -51,13 +43,13 @@
|
|||
|
||||
<p>You can obtain a certificate today by visiting the URL for a certificate authority and following the on-screen instructions. For a list of certificate authorities, see the online document <a href="https://certs.netscape.com/" TARGET="_blank">Client Certificates</a>. </p>
|
||||
|
||||
<p>Once you obtain a certificate, it is automatically stored in a <a href="glossary.html#security device">security device</a>. Your browser comes with its own built-in software security device. A security device can also be a piece of hardware, such as a smart card.</p>
|
||||
<p>Once you obtain a certificate, it is automatically stored in a <a href="glossary.html#security_device">security device</a>. Your browser comes with its own built-in software security device. A security device can also be a piece of hardware, such as a smart card.</p>
|
||||
|
||||
<p>Like a driver's license or a credit card, a certificate is a valuable form of identification that can be abused if it falls into the wrong hands. Once you've obtained a certificate that identifies you, you should protect it in two ways: by backing it up and by setting your <a href="glossary.html#master password">master password</a>.
|
||||
<p>Like a driver's license or a credit card, a certificate is a valuable form of identification that can be abused if it falls into the wrong hands. Once you've obtained a certificate that identifies you, you should protect it in two ways: by backing it up and by setting your <a href="glossary.html#master_password">master password</a>.
|
||||
|
||||
<p>When you first obtain a certificate, you may be prompted to back it up. If you haven't yet created a master password, you will be asked to create one.
|
||||
|
||||
<p>For detailed information about backing up a certificate and setting your master password, see <a href="certs_help.html#My_Certificates">My Certificates</a>.
|
||||
<p>For detailed information about backing up a certificate and setting your master password, see <a href="certs_help.html#My_Certificates">Your Certificates</a>.
|
||||
|
||||
|
||||
<p>
|
||||
|
@ -66,14 +58,17 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_info"></a>
|
||||
<h2>Check Security for a Web Page</h2>
|
||||
|
||||
<p><b>[describes the lock icon and how to open Page Info for a given web page.]</b></p>
|
||||
|
||||
|
||||
<hr><h1>Check Security for a Web Page</h1>
|
||||
|
||||
<p>Whenever you're viewing a web page, you can choose Page Info from the View menu, then click the Security tab to see information about the security available for that page.
|
||||
|
||||
<p>The Security tab for Page Info provides two kinds of information:
|
||||
<ul>
|
||||
<li>The top half of the panel describes whether the web site displaying the page has been correctly identified.
|
||||
<li>The bottom half describes whether the page you are viewing is encrypted, and if so what grade of encryption it uses.
|
||||
</ul>
|
||||
|
||||
<p>If you're not sure what the displayed information means, click the Help button in the Security tab to find out more.</p>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
|
@ -82,7 +77,7 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_manage"></a>
|
||||
<h2>Manage Certificates</h2>
|
||||
<hr><h1>Manage Certificates</h1>
|
||||
|
||||
<p>You can use the Certificate Manager to manage the certificates you have available. Certificates may be stored on your computer's hard disk or on smart cards or other security devices attached to your computer.</p>
|
||||
|
||||
|
@ -90,26 +85,32 @@
|
|||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Click Privacy/Security.
|
||||
<li>Click Manage Certificates.
|
||||
<li>Under the Privacy and Security category, choose Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Certificates panel, click Manage Certificates.
|
||||
</ol>
|
||||
|
||||
<p>The sections that follow describe some of the tasks you can use the Certificate Manager to perform. For more detailed instructions about using any Certificate Manager window, click the Help button for that window.
|
||||
|
||||
<p><a HREF="#using_certs_my">Manage Certificates that Identify You</a><br>
|
||||
<a HREF="#using_certs_sites">Manage Certificates that Identify Web Sites</a><br>
|
||||
<a HREF="#using_certs_cas">Manage Certificates that Identify Certificate Authorities</a>
|
||||
<p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a HREF="#using_certs_my">Manage Certificates that Identify You</a></p>
|
||||
<p><a HREF="#using_certs_sites">Manage Certificates that Identify Web Sites</a></p>
|
||||
<p><a HREF="#using_certs_cas">Manage Certificates that Identify Certificate Authorities</a></a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_my"></a>
|
||||
<H3>Manage Certificates that Identify You</H3>
|
||||
<H2>Manage Certificates that Identify You</H2>
|
||||
|
||||
|
||||
<p>When you first open the Certificate Manager, you'll notice that it has several tabs across the top of its window. The first tab is called My Certificates, and it displays the certificates your browser has on file that identify you. Your certificates are listed under the names of the organizations that issued them.
|
||||
<p>When you first open the Certificate Manager, you'll notice that it has several tabs across the top of its window. The first tab is called Your Certificates, and it displays the certificates your browser has available that identify you. Your certificates are listed under the names of the organizations that issued them.
|
||||
|
||||
<p>To perform an action on one or more certificates, click the entry for the certificate (or Shift-click to select more than one), then click the View, Backup, or Delete button. Each of these buttons brings up another window that allows you to perform the action. Click the Help button in any window to obtain more information about using that window.
|
||||
|
||||
<p>The other buttons in the My Certificates tab don't require you to select a certificate first. You can use them to perform these actions:
|
||||
<p>The other buttons under Your Certificates don't require a certificate to be selected. You use them to perform these actions:
|
||||
<ul>
|
||||
<li><b>Restore.</b> Click this button if you want to restore a certificate that you've previously backed up or transferred from one machine to another.
|
||||
|
||||
|
@ -119,7 +120,7 @@
|
|||
|
||||
</ul>
|
||||
|
||||
<p>For more details about any of these tasks, click the Help button in any Certificate Manager window or see <a href="certs_help.html#My_Certificates">My Certificates</a>.
|
||||
<p>For more details about any of these tasks, click the Help button in any Certificate Manager window or see <a href="certs_help.html#My_Certificates">Your Certificates</a>.
|
||||
|
||||
|
||||
<p>
|
||||
|
@ -128,13 +129,13 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_sites"></a>
|
||||
<H3>Manage Certificates that Identify Web Sites</H3>
|
||||
<H2>Manage Certificates that Identify Web Sites</H2>
|
||||
|
||||
<p>Some web sites use certificates to identify themselves. Such identification is required before the web site can encrypt information transferred between the site and your computer (or vice versa), so that nobody can read the data while in transit.
|
||||
|
||||
<p>If the URL for a web site begins with <tt>https://</tt>, the web site has a certificate. If you visit such a web site and its certificate was issued by a CA that your browser doesn't know about or doesn't trust, you will be asked whether you want to accept web site's certificate. When you accept a new web site certificate, the Certificate Manager adds it to its list of web site certificates.
|
||||
<p>If the URL for a web site begins with <tt>https://</tt>, the web site has a certificate. If you visit such a web site and its certificate was issued by a CA the Certificate Manager doesn't know about or doesn't trust, you will be asked whether you want to accept web site's certificate. When you accept a new web site certificate, the Certificate Manager adds it to its list of web site certificates.
|
||||
|
||||
<p>To view all the web site certificates available to your browser, click the tab labeled Web Site Certificates at the top of the Certificate Manager window.
|
||||
<p>To view all the web site certificates available to your browser, click the tab labeled Web Sites at the top of the Certificate Manager window.
|
||||
|
||||
<p>To perform an action on one or more web site certificates, click the entry for the certificate (or Shift-click to select more than one), then click the View, Edit, or Delete button. Each of these buttons brings up another window that allows you to perform the corresonding action. Click the Help button in any window to obtain more information about using that window.
|
||||
|
||||
|
@ -150,13 +151,13 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_cas"></a>
|
||||
<H3>Manage Certificates that Identify Certificate Authorities</H3>
|
||||
<H2>Manage Certificates that Identify Certificate Authorities</H2>
|
||||
|
||||
<p>Like other commonly used forms of ID, a certificate is issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a <a href="glossary.html#certificate authority (CA)">certificate authority (CA)</a>. A certificate that identifies a CA is called a CA certificate.
|
||||
<p>Like other commonly used forms of ID, a certificate is issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a <a href="glossary.html#certificate_authority_(CA)">certificate authority (CA)</a>. A certificate that identifies a CA is called a CA certificate.
|
||||
|
||||
<p> Certificate Manager typically has many CA certificates on file. These CA certificates permit Certificate Manager to recognize and work with certificates issued by the corresponding CAs. However, the presence of a CA certificate in this list does <i>not</i> guarantee that the certificates it issues can be trusted. You or your system administrator must make decisions about what kinds of certificates to trust depending on your security needs.
|
||||
|
||||
<p>To view all the CA certificates available to your browser, click the tab labeled Web Site Certificates at the top of the Certificate Manager window.
|
||||
<p>To view all the CA certificates available to your browser, click the tab labeled Authorities at the top of the Certificate Manager window.
|
||||
|
||||
<p>To perform an action on one or more CA certificates, click the entry for the certificate (or Shift-click to select more than one), then click the View, Edit, or Delete button. Each of these buttons brings up another window that allows you to perform the action. Click the Help button in any window to obtain more information about using that window.
|
||||
|
||||
|
@ -171,28 +172,137 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices"></a>
|
||||
<h2>Manage Smart Cards and Other Security Devices</h2>
|
||||
<hr><h1>Manage Smart Cards and Other Security Devices</h1>
|
||||
|
||||
<p>A smart card is a small device, typically about the size of a credit card, that contains a microprocessor and is capable of storing information about your identity (such as your <a href="glossary.html#private_key">private keys</a> and <a href="glossary.html#certificate">certificates</a>) and performing cryptographic operations.
|
||||
|
||||
<p>To use a smart card, you typically need to have a smart card reader (a piece of hardware) attached to your computer, as well as software on your computer that controls the reader.
|
||||
|
||||
<p>A smart card is just one kind of security device. A security device (sometimes called a token) is a hardware or software device that provides cryptographic services and stores information about your identity. To work with smart cards and other security devices, you use the Device Manager.
|
||||
|
||||
|
||||
<P><a NAME="using_certs_devices_open"></a>This section describes how to use the Device Manager to manage security devices. To open the Device Manager, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Certificates panel, click Manage Devices.
|
||||
</ol>
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#using_certs_devices_about">About Security Devices and Modules</a></p>
|
||||
<p><a href="#using_certs_devices_devices">Work with Security Devices</a></p>
|
||||
<p><a href="#using_certs_devices_modules">Work with Security Modules</a></p>
|
||||
<p><a href="#using_certs_devices_fips">Enable FIPS Mode</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices_about"></a>
|
||||
<h2>About Security Devices and Modules</h1>
|
||||
|
||||
<p>The Device Manager displays a window that lists the available security devices. You can use the Device Manager to manage any security devices, including smart cards, that support the Public Key Cryptography Standard (PKCS) #11.
|
||||
|
||||
<p>A <a href="glossary.html#PKCS_#11_module">PKCS #11 module</a> (sometimes called a security module) controls one or more security devices in much the same way that a software driver controls an external device such as a printer or modem. If you are installing a smart card, you must install the PKCS #11 module for the smart card on your computer as well as connecting the smart card reader.
|
||||
|
||||
<p>By default, the Device Manager controls two internal PKCS #11 modules that manage three security devices:
|
||||
|
||||
<ul>
|
||||
<li><b>Builtin Roots Module</b> controls a special security device called the Builtin Object Token. This token stores the default <a href="glossary.html#CA_certificate">CA certificates</a> that come with the browser.
|
||||
<li><b>Netscape Internal PKCS #11 Module</b> controls two security devices:
|
||||
<ul>
|
||||
<li><b>Generic Crypto Services</b> is a special security device that performs all cryptographic operations required by the Netscape Internal PKCS #11 Module.
|
||||
<li><b>Software Security Device</b> stores your certificates and keys that aren't stored on external security devices, including any CA certificates that you may have installed in addition to those that come with the browser.
|
||||
</ul>
|
||||
</ul>
|
||||
|
||||
<p><b>[Describes how to open the Cert Manager to the fifth tab and how to add, delete, log into, or log out of security modules and devices.]</b></p>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
</p>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices_devices"></a>
|
||||
<h2>Work With Security Devices</h1>
|
||||
|
||||
<p>This section assumes you are looking at the Device Manager. (If you don't know how to open it, <a href="#using_certs_devices_open">click here</a>).
|
||||
|
||||
<p>The Device Manager lists each available PKCS #11 module in boldface, and the security devices managed by each module below its name.
|
||||
|
||||
<p>When you select a security device, information about it appears in the middle of the Device Manager window, and some of the buttons on the right side of the window become available. For example, if you select the Software Security Device, you can perform these actions:
|
||||
|
||||
<ul>
|
||||
<li>Click Login or Logout to log in or out of the Software Security Device. If you are logging in, you will be asked to supply the master password for the device. You must be logged into a security device before your browser software can use it to provide cryptographic services.
|
||||
<li>Click Change Password to change the master password for the device.
|
||||
</ul>
|
||||
|
||||
|
||||
<p>You can perform these actions on most security devices. However, you cannot perform them on Builtin Object Token or Generic Crypto Services, which are special devices that must normally be available at all times.
|
||||
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
</p>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices_modules"></a>
|
||||
<h2>Work With Security Modules</h1>
|
||||
|
||||
<p>This section assumes you are looking at the Device Manager. (If you don't know how to open it, <a href="#using_certs_devices_open">click here</a>).
|
||||
|
||||
<p>Before you can add a PKCS #11 module to the list displayed by the Device Manager, you must first
|
||||
install the module software on your computer and if necessary connect any associated hardware (such as
|
||||
a smart card reader). Follow the instructions that come with the hardware.
|
||||
|
||||
<p>After a new module is installed on your computer, follow these steps to load it:
|
||||
|
||||
<ul>
|
||||
<li>Click Load.
|
||||
<li>In the Load PKCS #11 Module dialog box, click the Browse button, locate the module file, and click Open.
|
||||
<li>Fill in the Module Name field with the name of the module and click OK.
|
||||
</ul>
|
||||
|
||||
<p>The new module will then show up in the list of modules with the name you assigned to it.
|
||||
|
||||
<p>To unload a PKCS #11 module, select its name and click Unload.
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices_fips"></a>
|
||||
<h2>Enable FIPS Mode</h2>
|
||||
|
||||
<p>Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic modules—that is, hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). Many products sold to the US government must comply with one or more of the FIPS standards.
|
||||
|
||||
<p>To enable FIPS mode for the browser, you use the Device Manager. (If you don't know how to open it, <a href="#using_certs_devices_open">click here</a>).
|
||||
|
||||
<p>To enable FIPS mode, click the Enable FIPS button. When FIPS is enabled, the name Netscape Internal PKCS #11 Modulee changes to Netscape Internal PKCS #11 Module FIPS and the Enable FIPS button changes to Disable FIPS.
|
||||
|
||||
<p>To disable FIPS-mode, click Disable FIPS.</P></A>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
</p>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_ssl"></a>
|
||||
<h2>View or Change SSL Settings</h2>
|
||||
<hr><h1>Manage SSL Warnings and Settings</h1>
|
||||
|
||||
<p>The Secure Sockets Layer (SSL) protocol allows your computer to exchange information with web site computers in encrypted form--that is, the information is scrambled while in transit so that nobody else can make sense of it. SSL is also used to identify computers on the Internet by means of certificates.
|
||||
<p>The Secure Sockets Layer (SSL) protocol allows your computer to exchange information with other computers on the Internet in encrypted form—that is, the information is scrambled while in transit so that nobody else can make sense of it. SSL is also used to identify computers on the Internet by means of <a href="glossary.html#certificate">certificates</a>.
|
||||
|
||||
<p>Transport Layer Security (TLS) is a new standard based on SSL. By default, the browser supports both SSL and TLS. This approach works for most people, because it guarantees that the browser will work with virtually all other existing software on the Internet that supports any version of SSL or TLS. However, in some circumstances system administrators or other knowledgeable persons may wish to adjust the SSL settings to fine-tune them for special security needs or to account for bugs in some older software products.
|
||||
<p>The Transport Layer Security (TLS) protocol is a new standard based on SSL. By default, the browser supports both SSL and TLS. This approach works for most people, because it guarantees that the browser will work with virtually all other existing software on the Internet that supports any version of SSL or TLS.
|
||||
|
||||
<p>However, in some circumstances system administrators or other knowledgeable persons may wish to adjust the SSL settings to fine-tune them for special security needs or to account for bugs in some older software products.
|
||||
|
||||
<p>You shouldn't adust the SSL settings for your browser unless you know what you're doing or have the assistance of someone else who does. If you do need to adjust them for some reason, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, select SSL. (If no options are visible under Privacy and Security, click its triangle to expand the list.)
|
||||
<li>Under the Privacy and Security category, select SSL. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p>For more details, click the Help button in the SSL Settings panel or see <a href="ssl_help.html">SSL Settings</a>.
|
||||
|
@ -207,9 +317,64 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_validation"></a>
|
||||
<h2>View or Change Validation Settings</h2>
|
||||
<hr><h1>Manage Validation Settings</h1>
|
||||
|
||||
<p><b>[Describes how use Validation Preferences.]</b></p>
|
||||
<p>As discussed above under <a href="#using_certs_get">Get Your Own Certificate</a>, a certificate is a form of identification, much like a driver's license, that you can use to identify yourself over the Internet and other networks. However, also like a driver's license, a certificate may be expired or invalid for some other reason. Therefore, your browser software needs to confirm the validity of any given certificate in some way before trusting it for identification purposes.
|
||||
|
||||
<p>This section describes how Certificate Manager validates certificates and how to control that process. To understand the process, you should have some familiarity with <a href="glossary.html#public-key_cryptography">public-key_cryptography</a>. If you are not familiar with the use of certificates, you should check with your system administrator before attempting to change any of your browser's certificate validation settings.<p>
|
||||
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#How_Certificate_Validation_Works">How Certificate Validation Works</a></p>
|
||||
<p><a href="#Managing_CRLs">Manage CRLs</a></p>
|
||||
<p><a href="#Configuring_Certificate_Manager_for_OCSP">Configure Certificate Manager for OCSP</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<p>
|
||||
|
||||
<p> </p>
|
||||
<a name="How_Certificate_Validation_Works"><h2>How Certificate Validation Works</h2></a>
|
||||
|
||||
<p>Whenever you use or view a certificate stored by Certificate Manager, it takes several steps to verify the certificate. At a minimum, it confirms that the CA's digital signature on the certificate was created by a CA whose own certificate is (1) present in the the Certificate Manager's list of available CA certificates and (2) marked as trusted for issuing the kind of certificate being verified.
|
||||
|
||||
<p>If the CA certificate is not itself present, the <a href="glossary.html#certificate_chain">certificate chain</a> for the CA certificate must include a higher-level CA certificate that is present and correctly trusted. Certificate Manager also confirms that the certificate being verified has not been marked as untrusted in the certificate store. If any one of these checks fails, Certificate Manager marks the certificate as unverified and won't recognize the identity it certifies.
|
||||
|
||||
<p>A certificate can pass all these tests and still be compromised in some way; for example, the certificate may have been revoked because an unauthorized person has gained access to the private key that corresponds to the public key in the certificate. A compromised certificate can allow an unauthorized person (or web site) to pretend to be the certificate owner.
|
||||
|
||||
<p>One way to combat this threat is for Certificate Manager to check a certificate revocation list (CRL) periodically (see <a href="#Managing_CRLs">Managing CRLs</a>, below). However, the reliability of CRLs is subject to the frequency with which they are both updated by a server and checked by a client, and their size can sometimes cause delays in the verification process that may not be acceptable to some people.
|
||||
|
||||
<p>Another way to combat this threat is to use a special server that supports the Online Certificate Status Protocol (OCSP). Such a server can answer client queries about individual certificates (see <a href="#Configuring_Certificate_Manager_for_OCSP">Configuring Certificate Manager for OCSP</a>, below). The server, called an OCSP responder, receives an updated CRL periodically from the CA that issues the certificates to be verified. You can configure Certificate Manager to submit a status request for a certificate to the OCSP responder, and the OCSP responder confirms whether the certificate is valid.
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a name="Managing_CRLs"><h2>Manage CRLs</h2></a>
|
||||
|
||||
<p>The settings that control CRLs are part of Validation preferences. To view Validation preferences, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Validation. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p>Click the Manage CRLs in the Validation Settings panel to see a list of the CRLs available to Certificate Manager. To delete a CRL, select it, then click Delete.
|
||||
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a name="Configuring_Certificate_Manager_for_OCSP"><h2>Configure Certificate Manager for OCSP</h2></a>
|
||||
|
||||
|
||||
<p>The settings that control OCSP are part of Validation preferences. To view Validation preferences, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Validation. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p>For information about the OCSP options available, see <a href="validation_help.html">Validation Settings</a>.
|
||||
|
||||
<p>
|
||||
[ <A HREF="#certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
|
@ -218,7 +383,7 @@
|
|||
|
||||
|
||||
<hr>
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/12/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
|
@ -9,21 +9,13 @@
|
|||
<body bgcolor="white">
|
||||
|
||||
<a NAME="using_certs_first"></a>
|
||||
<h1>Using Certificates</h1>
|
||||
<hr><h1>Using Certificates</h1>
|
||||
|
||||
<p>A certificate is the digital equivalent of an ID card. Just as you may have several ID cards for different purposes, such as a driver's license, an employee ID card, or a credit card, you can have several different certificates that identify you for different purposes.</p>
|
||||
|
||||
<P>This section describes how to use the Certificate Manager to work with the certificates you have on file. To open the Certificate Manager, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Click Privacy and Security.
|
||||
<li>Click Manage Certificates.
|
||||
</ol>
|
||||
|
||||
<p>When you are using Certificate Manager windows, you can obtain more detailed instructions by clicking the Help button in the lower-right corner of each window.</P>
|
||||
|
||||
<P>This section describes how to perform operations related to certificates.
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
|
@ -41,9 +33,9 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_get"></a>
|
||||
<h2>Get Your Own Certificate</h2>
|
||||
<hr><h1>Get Your Own Certificate</h1>
|
||||
|
||||
<P>Much like a credit card or a driver's license, a certificate is a form of identification you can use to identify yourself over the Internet and other networks. Like other commonly used personal IDs, a certificate is typically issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a certificate authority (CA).
|
||||
<P>Much like a credit card or a driver's license, a certificate is a form of identification you can use to identify yourself over the Internet and other networks. Like other commonly used personal IDs, a certificate is typically issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a <b>certificate authority (CA).</b>
|
||||
|
||||
<p>You can obtain certificates that identify you from public CAs, from system administrators or special CAs within your organization, or from web sites offering specialized services that require a means of identification more reliable that your name and password.
|
||||
|
||||
|
@ -51,13 +43,13 @@
|
|||
|
||||
<p>You can obtain a certificate today by visiting the URL for a certificate authority and following the on-screen instructions. For a list of certificate authorities, see the online document <a href="https://certs.netscape.com/" TARGET="_blank">Client Certificates</a>. </p>
|
||||
|
||||
<p>Once you obtain a certificate, it is automatically stored in a <a href="glossary.html#security device">security device</a>. Your browser comes with its own built-in software security device. A security device can also be a piece of hardware, such as a smart card.</p>
|
||||
<p>Once you obtain a certificate, it is automatically stored in a <a href="glossary.html#security_device">security device</a>. Your browser comes with its own built-in software security device. A security device can also be a piece of hardware, such as a smart card.</p>
|
||||
|
||||
<p>Like a driver's license or a credit card, a certificate is a valuable form of identification that can be abused if it falls into the wrong hands. Once you've obtained a certificate that identifies you, you should protect it in two ways: by backing it up and by setting your <a href="glossary.html#master password">master password</a>.
|
||||
<p>Like a driver's license or a credit card, a certificate is a valuable form of identification that can be abused if it falls into the wrong hands. Once you've obtained a certificate that identifies you, you should protect it in two ways: by backing it up and by setting your <a href="glossary.html#master_password">master password</a>.
|
||||
|
||||
<p>When you first obtain a certificate, you may be prompted to back it up. If you haven't yet created a master password, you will be asked to create one.
|
||||
|
||||
<p>For detailed information about backing up a certificate and setting your master password, see <a href="certs_help.html#My_Certificates">My Certificates</a>.
|
||||
<p>For detailed information about backing up a certificate and setting your master password, see <a href="certs_help.html#My_Certificates">Your Certificates</a>.
|
||||
|
||||
|
||||
<p>
|
||||
|
@ -66,14 +58,17 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_info"></a>
|
||||
<h2>Check Security for a Web Page</h2>
|
||||
|
||||
<p><b>[describes the lock icon and how to open Page Info for a given web page.]</b></p>
|
||||
|
||||
|
||||
<hr><h1>Check Security for a Web Page</h1>
|
||||
|
||||
<p>Whenever you're viewing a web page, you can choose Page Info from the View menu, then click the Security tab to see information about the security available for that page.
|
||||
|
||||
<p>The Security tab for Page Info provides two kinds of information:
|
||||
<ul>
|
||||
<li>The top half of the panel describes whether the web site displaying the page has been correctly identified.
|
||||
<li>The bottom half describes whether the page you are viewing is encrypted, and if so what grade of encryption it uses.
|
||||
</ul>
|
||||
|
||||
<p>If you're not sure what the displayed information means, click the Help button in the Security tab to find out more.</p>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
|
@ -82,7 +77,7 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_manage"></a>
|
||||
<h2>Manage Certificates</h2>
|
||||
<hr><h1>Manage Certificates</h1>
|
||||
|
||||
<p>You can use the Certificate Manager to manage the certificates you have available. Certificates may be stored on your computer's hard disk or on smart cards or other security devices attached to your computer.</p>
|
||||
|
||||
|
@ -90,26 +85,32 @@
|
|||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Click Privacy/Security.
|
||||
<li>Click Manage Certificates.
|
||||
<li>Under the Privacy and Security category, choose Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Certificates panel, click Manage Certificates.
|
||||
</ol>
|
||||
|
||||
<p>The sections that follow describe some of the tasks you can use the Certificate Manager to perform. For more detailed instructions about using any Certificate Manager window, click the Help button for that window.
|
||||
|
||||
<p><a HREF="#using_certs_my">Manage Certificates that Identify You</a><br>
|
||||
<a HREF="#using_certs_sites">Manage Certificates that Identify Web Sites</a><br>
|
||||
<a HREF="#using_certs_cas">Manage Certificates that Identify Certificate Authorities</a>
|
||||
<p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a HREF="#using_certs_my">Manage Certificates that Identify You</a></p>
|
||||
<p><a HREF="#using_certs_sites">Manage Certificates that Identify Web Sites</a></p>
|
||||
<p><a HREF="#using_certs_cas">Manage Certificates that Identify Certificate Authorities</a></a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_my"></a>
|
||||
<H3>Manage Certificates that Identify You</H3>
|
||||
<H2>Manage Certificates that Identify You</H2>
|
||||
|
||||
|
||||
<p>When you first open the Certificate Manager, you'll notice that it has several tabs across the top of its window. The first tab is called My Certificates, and it displays the certificates your browser has on file that identify you. Your certificates are listed under the names of the organizations that issued them.
|
||||
<p>When you first open the Certificate Manager, you'll notice that it has several tabs across the top of its window. The first tab is called Your Certificates, and it displays the certificates your browser has available that identify you. Your certificates are listed under the names of the organizations that issued them.
|
||||
|
||||
<p>To perform an action on one or more certificates, click the entry for the certificate (or Shift-click to select more than one), then click the View, Backup, or Delete button. Each of these buttons brings up another window that allows you to perform the action. Click the Help button in any window to obtain more information about using that window.
|
||||
|
||||
<p>The other buttons in the My Certificates tab don't require you to select a certificate first. You can use them to perform these actions:
|
||||
<p>The other buttons under Your Certificates don't require a certificate to be selected. You use them to perform these actions:
|
||||
<ul>
|
||||
<li><b>Restore.</b> Click this button if you want to restore a certificate that you've previously backed up or transferred from one machine to another.
|
||||
|
||||
|
@ -119,7 +120,7 @@
|
|||
|
||||
</ul>
|
||||
|
||||
<p>For more details about any of these tasks, click the Help button in any Certificate Manager window or see <a href="certs_help.html#My_Certificates">My Certificates</a>.
|
||||
<p>For more details about any of these tasks, click the Help button in any Certificate Manager window or see <a href="certs_help.html#My_Certificates">Your Certificates</a>.
|
||||
|
||||
|
||||
<p>
|
||||
|
@ -128,13 +129,13 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_sites"></a>
|
||||
<H3>Manage Certificates that Identify Web Sites</H3>
|
||||
<H2>Manage Certificates that Identify Web Sites</H2>
|
||||
|
||||
<p>Some web sites use certificates to identify themselves. Such identification is required before the web site can encrypt information transferred between the site and your computer (or vice versa), so that nobody can read the data while in transit.
|
||||
|
||||
<p>If the URL for a web site begins with <tt>https://</tt>, the web site has a certificate. If you visit such a web site and its certificate was issued by a CA that your browser doesn't know about or doesn't trust, you will be asked whether you want to accept web site's certificate. When you accept a new web site certificate, the Certificate Manager adds it to its list of web site certificates.
|
||||
<p>If the URL for a web site begins with <tt>https://</tt>, the web site has a certificate. If you visit such a web site and its certificate was issued by a CA the Certificate Manager doesn't know about or doesn't trust, you will be asked whether you want to accept web site's certificate. When you accept a new web site certificate, the Certificate Manager adds it to its list of web site certificates.
|
||||
|
||||
<p>To view all the web site certificates available to your browser, click the tab labeled Web Site Certificates at the top of the Certificate Manager window.
|
||||
<p>To view all the web site certificates available to your browser, click the tab labeled Web Sites at the top of the Certificate Manager window.
|
||||
|
||||
<p>To perform an action on one or more web site certificates, click the entry for the certificate (or Shift-click to select more than one), then click the View, Edit, or Delete button. Each of these buttons brings up another window that allows you to perform the corresonding action. Click the Help button in any window to obtain more information about using that window.
|
||||
|
||||
|
@ -150,13 +151,13 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_cas"></a>
|
||||
<H3>Manage Certificates that Identify Certificate Authorities</H3>
|
||||
<H2>Manage Certificates that Identify Certificate Authorities</H2>
|
||||
|
||||
<p>Like other commonly used forms of ID, a certificate is issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a <a href="glossary.html#certificate authority (CA)">certificate authority (CA)</a>. A certificate that identifies a CA is called a CA certificate.
|
||||
<p>Like other commonly used forms of ID, a certificate is issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a <a href="glossary.html#certificate_authority_(CA)">certificate authority (CA)</a>. A certificate that identifies a CA is called a CA certificate.
|
||||
|
||||
<p> Certificate Manager typically has many CA certificates on file. These CA certificates permit Certificate Manager to recognize and work with certificates issued by the corresponding CAs. However, the presence of a CA certificate in this list does <i>not</i> guarantee that the certificates it issues can be trusted. You or your system administrator must make decisions about what kinds of certificates to trust depending on your security needs.
|
||||
|
||||
<p>To view all the CA certificates available to your browser, click the tab labeled Web Site Certificates at the top of the Certificate Manager window.
|
||||
<p>To view all the CA certificates available to your browser, click the tab labeled Authorities at the top of the Certificate Manager window.
|
||||
|
||||
<p>To perform an action on one or more CA certificates, click the entry for the certificate (or Shift-click to select more than one), then click the View, Edit, or Delete button. Each of these buttons brings up another window that allows you to perform the action. Click the Help button in any window to obtain more information about using that window.
|
||||
|
||||
|
@ -171,28 +172,137 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices"></a>
|
||||
<h2>Manage Smart Cards and Other Security Devices</h2>
|
||||
<hr><h1>Manage Smart Cards and Other Security Devices</h1>
|
||||
|
||||
<p>A smart card is a small device, typically about the size of a credit card, that contains a microprocessor and is capable of storing information about your identity (such as your <a href="glossary.html#private_key">private keys</a> and <a href="glossary.html#certificate">certificates</a>) and performing cryptographic operations.
|
||||
|
||||
<p>To use a smart card, you typically need to have a smart card reader (a piece of hardware) attached to your computer, as well as software on your computer that controls the reader.
|
||||
|
||||
<p>A smart card is just one kind of security device. A security device (sometimes called a token) is a hardware or software device that provides cryptographic services and stores information about your identity. To work with smart cards and other security devices, you use the Device Manager.
|
||||
|
||||
|
||||
<P><a NAME="using_certs_devices_open"></a>This section describes how to use the Device Manager to manage security devices. To open the Device Manager, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Certificates. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Certificates panel, click Manage Devices.
|
||||
</ol>
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#using_certs_devices_about">About Security Devices and Modules</a></p>
|
||||
<p><a href="#using_certs_devices_devices">Work with Security Devices</a></p>
|
||||
<p><a href="#using_certs_devices_modules">Work with Security Modules</a></p>
|
||||
<p><a href="#using_certs_devices_fips">Enable FIPS Mode</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices_about"></a>
|
||||
<h2>About Security Devices and Modules</h1>
|
||||
|
||||
<p>The Device Manager displays a window that lists the available security devices. You can use the Device Manager to manage any security devices, including smart cards, that support the Public Key Cryptography Standard (PKCS) #11.
|
||||
|
||||
<p>A <a href="glossary.html#PKCS_#11_module">PKCS #11 module</a> (sometimes called a security module) controls one or more security devices in much the same way that a software driver controls an external device such as a printer or modem. If you are installing a smart card, you must install the PKCS #11 module for the smart card on your computer as well as connecting the smart card reader.
|
||||
|
||||
<p>By default, the Device Manager controls two internal PKCS #11 modules that manage three security devices:
|
||||
|
||||
<ul>
|
||||
<li><b>Builtin Roots Module</b> controls a special security device called the Builtin Object Token. This token stores the default <a href="glossary.html#CA_certificate">CA certificates</a> that come with the browser.
|
||||
<li><b>Netscape Internal PKCS #11 Module</b> controls two security devices:
|
||||
<ul>
|
||||
<li><b>Generic Crypto Services</b> is a special security device that performs all cryptographic operations required by the Netscape Internal PKCS #11 Module.
|
||||
<li><b>Software Security Device</b> stores your certificates and keys that aren't stored on external security devices, including any CA certificates that you may have installed in addition to those that come with the browser.
|
||||
</ul>
|
||||
</ul>
|
||||
|
||||
<p><b>[Describes how to open the Cert Manager to the fifth tab and how to add, delete, log into, or log out of security modules and devices.]</b></p>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
</p>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices_devices"></a>
|
||||
<h2>Work With Security Devices</h1>
|
||||
|
||||
<p>This section assumes you are looking at the Device Manager. (If you don't know how to open it, <a href="#using_certs_devices_open">click here</a>).
|
||||
|
||||
<p>The Device Manager lists each available PKCS #11 module in boldface, and the security devices managed by each module below its name.
|
||||
|
||||
<p>When you select a security device, information about it appears in the middle of the Device Manager window, and some of the buttons on the right side of the window become available. For example, if you select the Software Security Device, you can perform these actions:
|
||||
|
||||
<ul>
|
||||
<li>Click Login or Logout to log in or out of the Software Security Device. If you are logging in, you will be asked to supply the master password for the device. You must be logged into a security device before your browser software can use it to provide cryptographic services.
|
||||
<li>Click Change Password to change the master password for the device.
|
||||
</ul>
|
||||
|
||||
|
||||
<p>You can perform these actions on most security devices. However, you cannot perform them on Builtin Object Token or Generic Crypto Services, which are special devices that must normally be available at all times.
|
||||
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
</p>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices_modules"></a>
|
||||
<h2>Work With Security Modules</h1>
|
||||
|
||||
<p>This section assumes you are looking at the Device Manager. (If you don't know how to open it, <a href="#using_certs_devices_open">click here</a>).
|
||||
|
||||
<p>Before you can add a PKCS #11 module to the list displayed by the Device Manager, you must first
|
||||
install the module software on your computer and if necessary connect any associated hardware (such as
|
||||
a smart card reader). Follow the instructions that come with the hardware.
|
||||
|
||||
<p>After a new module is installed on your computer, follow these steps to load it:
|
||||
|
||||
<ul>
|
||||
<li>Click Load.
|
||||
<li>In the Load PKCS #11 Module dialog box, click the Browse button, locate the module file, and click Open.
|
||||
<li>Fill in the Module Name field with the name of the module and click OK.
|
||||
</ul>
|
||||
|
||||
<p>The new module will then show up in the list of modules with the name you assigned to it.
|
||||
|
||||
<p>To unload a PKCS #11 module, select its name and click Unload.
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_devices_fips"></a>
|
||||
<h2>Enable FIPS Mode</h2>
|
||||
|
||||
<p>Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic modules—that is, hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). Many products sold to the US government must comply with one or more of the FIPS standards.
|
||||
|
||||
<p>To enable FIPS mode for the browser, you use the Device Manager. (If you don't know how to open it, <a href="#using_certs_devices_open">click here</a>).
|
||||
|
||||
<p>To enable FIPS mode, click the Enable FIPS button. When FIPS is enabled, the name Netscape Internal PKCS #11 Modulee changes to Netscape Internal PKCS #11 Module FIPS and the Enable FIPS button changes to Disable FIPS.
|
||||
|
||||
<p>To disable FIPS-mode, click Disable FIPS.</P></A>
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
</p>
|
||||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_ssl"></a>
|
||||
<h2>View or Change SSL Settings</h2>
|
||||
<hr><h1>Manage SSL Warnings and Settings</h1>
|
||||
|
||||
<p>The Secure Sockets Layer (SSL) protocol allows your computer to exchange information with web site computers in encrypted form--that is, the information is scrambled while in transit so that nobody else can make sense of it. SSL is also used to identify computers on the Internet by means of certificates.
|
||||
<p>The Secure Sockets Layer (SSL) protocol allows your computer to exchange information with other computers on the Internet in encrypted form—that is, the information is scrambled while in transit so that nobody else can make sense of it. SSL is also used to identify computers on the Internet by means of <a href="glossary.html#certificate">certificates</a>.
|
||||
|
||||
<p>Transport Layer Security (TLS) is a new standard based on SSL. By default, the browser supports both SSL and TLS. This approach works for most people, because it guarantees that the browser will work with virtually all other existing software on the Internet that supports any version of SSL or TLS. However, in some circumstances system administrators or other knowledgeable persons may wish to adjust the SSL settings to fine-tune them for special security needs or to account for bugs in some older software products.
|
||||
<p>The Transport Layer Security (TLS) protocol is a new standard based on SSL. By default, the browser supports both SSL and TLS. This approach works for most people, because it guarantees that the browser will work with virtually all other existing software on the Internet that supports any version of SSL or TLS.
|
||||
|
||||
<p>However, in some circumstances system administrators or other knowledgeable persons may wish to adjust the SSL settings to fine-tune them for special security needs or to account for bugs in some older software products.
|
||||
|
||||
<p>You shouldn't adust the SSL settings for your browser unless you know what you're doing or have the assistance of someone else who does. If you do need to adjust them for some reason, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, select SSL. (If no options are visible under Privacy and Security, click its triangle to expand the list.)
|
||||
<li>Under the Privacy and Security category, select SSL. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p>For more details, click the Help button in the SSL Settings panel or see <a href="ssl_help.html">SSL Settings</a>.
|
||||
|
@ -207,9 +317,64 @@
|
|||
|
||||
<p> </p>
|
||||
<a NAME="using_certs_validation"></a>
|
||||
<h2>View or Change Validation Settings</h2>
|
||||
<hr><h1>Manage Validation Settings</h1>
|
||||
|
||||
<p><b>[Describes how use Validation Preferences.]</b></p>
|
||||
<p>As discussed above under <a href="#using_certs_get">Get Your Own Certificate</a>, a certificate is a form of identification, much like a driver's license, that you can use to identify yourself over the Internet and other networks. However, also like a driver's license, a certificate may be expired or invalid for some other reason. Therefore, your browser software needs to confirm the validity of any given certificate in some way before trusting it for identification purposes.
|
||||
|
||||
<p>This section describes how Certificate Manager validates certificates and how to control that process. To understand the process, you should have some familiarity with <a href="glossary.html#public-key_cryptography">public-key_cryptography</a>. If you are not familiar with the use of certificates, you should check with your system administrator before attempting to change any of your browser's certificate validation settings.<p>
|
||||
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#How_Certificate_Validation_Works">How Certificate Validation Works</a></p>
|
||||
<p><a href="#Managing_CRLs">Manage CRLs</a></p>
|
||||
<p><a href="#Configuring_Certificate_Manager_for_OCSP">Configure Certificate Manager for OCSP</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<p>
|
||||
|
||||
<p> </p>
|
||||
<a name="How_Certificate_Validation_Works"><h2>How Certificate Validation Works</h2></a>
|
||||
|
||||
<p>Whenever you use or view a certificate stored by Certificate Manager, it takes several steps to verify the certificate. At a minimum, it confirms that the CA's digital signature on the certificate was created by a CA whose own certificate is (1) present in the the Certificate Manager's list of available CA certificates and (2) marked as trusted for issuing the kind of certificate being verified.
|
||||
|
||||
<p>If the CA certificate is not itself present, the <a href="glossary.html#certificate_chain">certificate chain</a> for the CA certificate must include a higher-level CA certificate that is present and correctly trusted. Certificate Manager also confirms that the certificate being verified has not been marked as untrusted in the certificate store. If any one of these checks fails, Certificate Manager marks the certificate as unverified and won't recognize the identity it certifies.
|
||||
|
||||
<p>A certificate can pass all these tests and still be compromised in some way; for example, the certificate may have been revoked because an unauthorized person has gained access to the private key that corresponds to the public key in the certificate. A compromised certificate can allow an unauthorized person (or web site) to pretend to be the certificate owner.
|
||||
|
||||
<p>One way to combat this threat is for Certificate Manager to check a certificate revocation list (CRL) periodically (see <a href="#Managing_CRLs">Managing CRLs</a>, below). However, the reliability of CRLs is subject to the frequency with which they are both updated by a server and checked by a client, and their size can sometimes cause delays in the verification process that may not be acceptable to some people.
|
||||
|
||||
<p>Another way to combat this threat is to use a special server that supports the Online Certificate Status Protocol (OCSP). Such a server can answer client queries about individual certificates (see <a href="#Configuring_Certificate_Manager_for_OCSP">Configuring Certificate Manager for OCSP</a>, below). The server, called an OCSP responder, receives an updated CRL periodically from the CA that issues the certificates to be verified. You can configure Certificate Manager to submit a status request for a certificate to the OCSP responder, and the OCSP responder confirms whether the certificate is valid.
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a name="Managing_CRLs"><h2>Manage CRLs</h2></a>
|
||||
|
||||
<p>The settings that control CRLs are part of Validation preferences. To view Validation preferences, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Validation. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p>Click the Manage CRLs in the Validation Settings panel to see a list of the CRLs available to Certificate Manager. To delete a CRL, select it, then click Delete.
|
||||
|
||||
|
||||
|
||||
<p> </p>
|
||||
<a name="Configuring_Certificate_Manager_for_OCSP"><h2>Configure Certificate Manager for OCSP</h2></a>
|
||||
|
||||
|
||||
<p>The settings that control OCSP are part of Validation preferences. To view Validation preferences, follow these steps:
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Validation. (If no subcategories are visible, click to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p>For information about the OCSP options available, see <a href="validation_help.html">Validation Settings</a>.
|
||||
|
||||
<p>
|
||||
[ <A HREF="#certs_first">Return to beginning of Using Certificates section</A> ]
|
||||
|
@ -218,7 +383,7 @@
|
|||
|
||||
|
||||
<hr>
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/12/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
|
@ -8,26 +8,6 @@
|
|||
|
||||
<body bgcolor="white">
|
||||
|
||||
<a NAME="using_maintain"></a>
|
||||
<h1>Using Privacy Features</h1>
|
||||
|
||||
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, communications move back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
|
||||
|
||||
<p>Fortunately, your browser contains features that safeguard security. Click one of the links below to learn more.</p>
|
||||
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissections">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#using_cookies">Using the Cookie Manager</a></p>
|
||||
<p><a href="#using_password">Using the Password Manager</a></p>
|
||||
<p><a href="#using_forms">Using the Form Manager</a></p>
|
||||
<p><a href="#using_encrypt">Encrypting Stored Sensitive Information</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<a NAME="using_cookies"></a>
|
||||
<hr>
|
||||
|
@ -39,7 +19,7 @@
|
|||
|
||||
<ul>
|
||||
<li>Accepts or rejects any requests by the web site to <b>set</b> (store) one or more cookies on your computer.
|
||||
<li>Accepts or rejects any requests by the web site to <b>read</b> cookies it previously stored on your computer. A web site can't actually read cookies or any other data on your computer---instead, your browser gets the cookies and sends them back to the web site.
|
||||
<li>Accepts or rejects any requests by the web site to <b>read</b> cookies it previously stored on your computer. A web site can't actually read cookies or any other data on your computer—instead, your browser gets the cookies and sends them back to the web site.
|
||||
</ul>
|
||||
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
|
@ -63,15 +43,17 @@
|
|||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Advanced category, choose Cookies. (If not options are visible in this category, click to expand the list.)
|
||||
<li>Under the Privacy and Security category, choose Cookies. (If no subcategories are visible, click to expand the list.)
|
||||
<li>Click one of the radio buttons:
|
||||
|
||||
<ul>
|
||||
<li><b>Enable all cookies:</b> Choose this to permit all web sites to set cookies on your computer and receive them back during subsequent visits. <b>Note:</b> If you choose this option, and later choose to reject all cookies, you may still have some older cookies stored on your computer (though no new ones will be set).
|
||||
<li><p><b>Disable cookies:</b> Choose this to refuse all cookies.
|
||||
|
||||
<li><b>Enable cookies for the originating web site only:</b> Choose this if you don't want to accept or return <a href="privacy_help.html#privacy_foreign">Foreign cookies</a>. Cookies received through email (when the message contains a web page) are treated as foreign cookies.
|
||||
|
||||
<li><b>Enable all cookies:</b> Choose this to permit all web sites to set cookies on your computer and receive them back during subsequent visits. <b>Note:</b> If you select this option, and later choose to reject all cookies, you may still have some older cookies stored on your computer (though no new ones will be set).
|
||||
|
||||
<li><b>Enable cookies for the originating web site only:</b> <a href="#privacy_foreign">Foreign cookies</a> are not accepted or returned. Cookies received through email (when the message contains a web page) are treated as foreign cookies.
|
||||
|
||||
<li><b>Disable all cookies:</b> Choose this to refuse all cookies.
|
||||
</ul>
|
||||
|
||||
<li>If you want to be notified when a web site tries to set a cookie, select "Warn me before accepting a cookie."
|
||||
|
@ -91,8 +73,9 @@
|
|||
<p>If you wish to change a remembered response later, use Cookie Manager as follows:</p>
|
||||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.</li>
|
||||
<li>Click the Cookies Site tab.</li>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, then choose Cookie Manager</li>
|
||||
<li>Choose View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
|
||||
<li>Click the Cookie Sites tab.</li>
|
||||
<li>The web sites for which you have allowed or denied cookies are listed. Removing a site from the list resets its status, so the next time you visit that site you will be warned if the site attempts to set a cookie.</li>
|
||||
</ol>
|
||||
|
||||
|
@ -100,7 +83,7 @@
|
|||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.</li>
|
||||
<li>Choose "Allow cookies from this site," or "Block cookies from this site."</li>
|
||||
<li>Choose "Allow cookies from this site" or "Block cookies from this site."</li>
|
||||
</ol>
|
||||
|
||||
|
||||
|
@ -112,7 +95,7 @@
|
|||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.
|
||||
<li>Select View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
|
||||
<li>Choose View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
|
||||
<li>To see details for a particular cookie, click it. The table below explains the information you see.</li>
|
||||
</ol>
|
||||
|
||||
|
@ -124,7 +107,7 @@
|
|||
</tr>
|
||||
|
||||
<tr>
|
||||
<td valign="top">Cookie Name</td>
|
||||
<td valign="top">Name</td>
|
||||
<td valign="top">This is the name assigned to the cookie by its originater.</td>
|
||||
</tr>
|
||||
|
||||
|
@ -148,8 +131,8 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
</tr>
|
||||
|
||||
<tr>
|
||||
<td valign="top">Secure Server</td>
|
||||
<td valign="top">This lists whether the cookie was sent over a secure server. If a cookie is secure, it will only be sent over a secure (https) connection. Before sending a secure cookie, your browser checks the connection and will not send if the connection is not secure.</td>
|
||||
<td valign="top">Server Secure</td>
|
||||
<td valign="top">This indicates whether the cookie was sent over a secure server. If a cookie is secure, it will only be sent over a secure (https) connection. Before sending a secure cookie, your browser checks the connection and will not send if the connection is not secure.</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
|
@ -168,7 +151,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<p>To remove one or more cookies from your computer:
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.
|
||||
<li>Click the Stored Cookies tab.
|
||||
<li>Choose View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
|
||||
<li>Select one or more cookies and click Remove, or click Remove All Cookies.
|
||||
</ol>
|
||||
|
||||
|
@ -234,7 +217,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>From the Advanced category, choose Passwords. (If no options are visible in this category, click to expand the list.)
|
||||
<li>From the Privacy and Security category, choose Passwords. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Password Manager section, deselect "Remember passwords for sites that require me to log in" to turn Password Manager off.
|
||||
</ol>
|
||||
|
||||
|
@ -261,7 +244,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<hr>
|
||||
<h1>Using the Form Manager</h1>
|
||||
|
||||
<p>Many web pages contain forms for you to fill out---order forms for online shopping, information databases, and so forth.</p>
|
||||
<p>Many web pages contain forms for you to fill out—order forms for online shopping, information databases, and so forth.</p>
|
||||
|
||||
<p>Form Manager can save the personal data you need to enter when you fill out a form, by storing such information as name, address, phone, credit card numbers, and so forth. Then, when a web site presents you with a form, Form Manager can fill it out automatically.</p>
|
||||
|
||||
|
@ -292,9 +275,8 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Form Manager.
|
||||
<li>Select Interview from the submenu.
|
||||
<li>Fill out as many fields as you want.
|
||||
<li>When you're finished with the Interview form, open the Edit menu and choose Save Form Data.
|
||||
<li>Select Demonstration from the submenu.
|
||||
<li>Follow the instructions.
|
||||
</ol>
|
||||
|
||||
</ul>
|
||||
|
@ -322,7 +304,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Advanced category, choose Forms. (If no options are visible in this category, click to expand the list.)
|
||||
<li>Under the Privacy and Security category, choose Forms. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Form Manager section, deselect "Save form data from web pages when completing forms."
|
||||
</ol>
|
||||
|
||||
|
@ -332,7 +314,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<p>If you provide personal information such as your name, phone number, email address, and so forth, the web site is free to store that information in its database and use it later. A web site might use this information to improve its service to you or target advertising to your interests. A web site could sell the information it has gathered to other companies.
|
||||
|
||||
<p>One way to find out how a web site uses the information it gathers is to check its <a href="#privacy_unauth">privacy policy</a>.
|
||||
<p>One way to find out how a web site uses the information it gathers is to check its <a href="privacy_help.html#privacy_unauth">privacy policy</a>.
|
||||
|
||||
<p>Before providing personal information on an online form, you must decide whether or not you trust the company---just as you judge whether or not you trust a catalog company before you provide your credit card number on the company's order form.
|
||||
|
||||
|
@ -370,13 +352,13 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<a NAME="encrypt_on"></a>
|
||||
<h2>Encrypting Stored Sensitive Information</h2>
|
||||
|
||||
<p>To choose encryption:</p>
|
||||
<p>To turn on encryption for your stored sensitive information:</p>
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Passwords.
|
||||
<li>Under the Privacy and Security category, choose Passwords. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Encrypting versus Obscuring section, select "Use encryption when storing sensitive data." Remove the checkmark to turn encryption off.
|
||||
<li>Click OK. A new dialog box appears and leads you through the process of choosing a master password.
|
||||
<li>Click OK. If you haven't previously set a master password, a new dialog box appears and leads you through the process of setting it.
|
||||
</ol>
|
||||
|
||||
|
||||
|
@ -384,7 +366,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<a NAME="encrypt_master"></a>
|
||||
<h2>Setting a Master Password</h2>
|
||||
|
||||
<p>If you choose encryption, you'll need a master password. With encryption selected, you'll be asked for your master password at least once during a browser session in which you access any of your stored sensitive information.</p>
|
||||
<p>If you choose to encrypt your stored sensitive information, you'll need a master password. With encryption selected, you'll be asked for your master password at least once during a browser session in which you access any of your stored sensitive information.</p>
|
||||
|
||||
<p>If you choose encryption, but don't already have a master password, you'll be prompted to create one the first time you try to save or retrieve your sensitive information.</p>
|
||||
|
||||
|
@ -395,9 +377,10 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Password Manager.</li>
|
||||
<li>Select Change Master Password from the submenu. You see the Change Master Password dialog box.
|
||||
<li>Enter your current master password and click OK.</li>
|
||||
<li>Select Change Master Password from the submenu. You see the Set Master Password dialog box.
|
||||
<li>Enter your current master password. </li>
|
||||
<li>Enter your new master password, and retype it to confirm the spelling.</li>
|
||||
<li>Click OK.
|
||||
</ol>
|
||||
|
||||
|
||||
|
@ -405,7 +388,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<a NAME="encrypt_logout"></a>
|
||||
<h2>Logging Out of Your Master Password</h2>
|
||||
|
||||
<p>Normally, you are asked for your master password once during each browser session in which you access any of your stored sensitive information. However, you can log out of your master password so that it must be entered again before any sensitive information can be stored or retreived. This is useful if you are going to leave your computer unattended for a period of time.</p>
|
||||
<p>Normally, you are asked for your master password once during each browser session in which you access any of your stored sensitive information. However, you can log out of your master password so that it must be entered again before any sensitive information can be stored or retrieved. This is useful if you are going to leave your computer unattended for a period of time.</p>
|
||||
|
||||
<p>To log out of your master password:</p>
|
||||
|
||||
|
@ -450,7 +433,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<hr>
|
||||
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/12/2001</i></p>
|
||||
|
||||
<hr>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
|
|
@ -8,26 +8,6 @@
|
|||
|
||||
<body bgcolor="white">
|
||||
|
||||
<a NAME="using_maintain"></a>
|
||||
<h1>Using Privacy Features</h1>
|
||||
|
||||
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, communications move back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
|
||||
|
||||
<p>Fortunately, your browser contains features that safeguard security. Click one of the links below to learn more.</p>
|
||||
|
||||
|
||||
<p> </p>
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissections">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#using_cookies">Using the Cookie Manager</a></p>
|
||||
<p><a href="#using_password">Using the Password Manager</a></p>
|
||||
<p><a href="#using_forms">Using the Form Manager</a></p>
|
||||
<p><a href="#using_encrypt">Encrypting Stored Sensitive Information</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<a NAME="using_cookies"></a>
|
||||
<hr>
|
||||
|
@ -39,7 +19,7 @@
|
|||
|
||||
<ul>
|
||||
<li>Accepts or rejects any requests by the web site to <b>set</b> (store) one or more cookies on your computer.
|
||||
<li>Accepts or rejects any requests by the web site to <b>read</b> cookies it previously stored on your computer. A web site can't actually read cookies or any other data on your computer---instead, your browser gets the cookies and sends them back to the web site.
|
||||
<li>Accepts or rejects any requests by the web site to <b>read</b> cookies it previously stored on your computer. A web site can't actually read cookies or any other data on your computer—instead, your browser gets the cookies and sends them back to the web site.
|
||||
</ul>
|
||||
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
|
@ -63,15 +43,17 @@
|
|||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Advanced category, choose Cookies. (If not options are visible in this category, click to expand the list.)
|
||||
<li>Under the Privacy and Security category, choose Cookies. (If no subcategories are visible, click to expand the list.)
|
||||
<li>Click one of the radio buttons:
|
||||
|
||||
<ul>
|
||||
<li><b>Enable all cookies:</b> Choose this to permit all web sites to set cookies on your computer and receive them back during subsequent visits. <b>Note:</b> If you choose this option, and later choose to reject all cookies, you may still have some older cookies stored on your computer (though no new ones will be set).
|
||||
<li><p><b>Disable cookies:</b> Choose this to refuse all cookies.
|
||||
|
||||
<li><b>Enable cookies for the originating web site only:</b> Choose this if you don't want to accept or return <a href="privacy_help.html#privacy_foreign">Foreign cookies</a>. Cookies received through email (when the message contains a web page) are treated as foreign cookies.
|
||||
|
||||
<li><b>Enable all cookies:</b> Choose this to permit all web sites to set cookies on your computer and receive them back during subsequent visits. <b>Note:</b> If you select this option, and later choose to reject all cookies, you may still have some older cookies stored on your computer (though no new ones will be set).
|
||||
|
||||
<li><b>Enable cookies for the originating web site only:</b> <a href="#privacy_foreign">Foreign cookies</a> are not accepted or returned. Cookies received through email (when the message contains a web page) are treated as foreign cookies.
|
||||
|
||||
<li><b>Disable all cookies:</b> Choose this to refuse all cookies.
|
||||
</ul>
|
||||
|
||||
<li>If you want to be notified when a web site tries to set a cookie, select "Warn me before accepting a cookie."
|
||||
|
@ -91,8 +73,9 @@
|
|||
<p>If you wish to change a remembered response later, use Cookie Manager as follows:</p>
|
||||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.</li>
|
||||
<li>Click the Cookies Site tab.</li>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, then choose Cookie Manager</li>
|
||||
<li>Choose View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
|
||||
<li>Click the Cookie Sites tab.</li>
|
||||
<li>The web sites for which you have allowed or denied cookies are listed. Removing a site from the list resets its status, so the next time you visit that site you will be warned if the site attempts to set a cookie.</li>
|
||||
</ol>
|
||||
|
||||
|
@ -100,7 +83,7 @@
|
|||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.</li>
|
||||
<li>Choose "Allow cookies from this site," or "Block cookies from this site."</li>
|
||||
<li>Choose "Allow cookies from this site" or "Block cookies from this site."</li>
|
||||
</ol>
|
||||
|
||||
|
||||
|
@ -112,7 +95,7 @@
|
|||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.
|
||||
<li>Select View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
|
||||
<li>Choose View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
|
||||
<li>To see details for a particular cookie, click it. The table below explains the information you see.</li>
|
||||
</ol>
|
||||
|
||||
|
@ -124,7 +107,7 @@
|
|||
</tr>
|
||||
|
||||
<tr>
|
||||
<td valign="top">Cookie Name</td>
|
||||
<td valign="top">Name</td>
|
||||
<td valign="top">This is the name assigned to the cookie by its originater.</td>
|
||||
</tr>
|
||||
|
||||
|
@ -148,8 +131,8 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
</tr>
|
||||
|
||||
<tr>
|
||||
<td valign="top">Secure Server</td>
|
||||
<td valign="top">This lists whether the cookie was sent over a secure server. If a cookie is secure, it will only be sent over a secure (https) connection. Before sending a secure cookie, your browser checks the connection and will not send if the connection is not secure.</td>
|
||||
<td valign="top">Server Secure</td>
|
||||
<td valign="top">This indicates whether the cookie was sent over a secure server. If a cookie is secure, it will only be sent over a secure (https) connection. Before sending a secure cookie, your browser checks the connection and will not send if the connection is not secure.</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
|
@ -168,7 +151,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<p>To remove one or more cookies from your computer:
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.
|
||||
<li>Click the Stored Cookies tab.
|
||||
<li>Choose View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
|
||||
<li>Select one or more cookies and click Remove, or click Remove All Cookies.
|
||||
</ol>
|
||||
|
||||
|
@ -234,7 +217,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>From the Advanced category, choose Passwords. (If no options are visible in this category, click to expand the list.)
|
||||
<li>From the Privacy and Security category, choose Passwords. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Password Manager section, deselect "Remember passwords for sites that require me to log in" to turn Password Manager off.
|
||||
</ol>
|
||||
|
||||
|
@ -261,7 +244,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<hr>
|
||||
<h1>Using the Form Manager</h1>
|
||||
|
||||
<p>Many web pages contain forms for you to fill out---order forms for online shopping, information databases, and so forth.</p>
|
||||
<p>Many web pages contain forms for you to fill out—order forms for online shopping, information databases, and so forth.</p>
|
||||
|
||||
<p>Form Manager can save the personal data you need to enter when you fill out a form, by storing such information as name, address, phone, credit card numbers, and so forth. Then, when a web site presents you with a form, Form Manager can fill it out automatically.</p>
|
||||
|
||||
|
@ -292,9 +275,8 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Form Manager.
|
||||
<li>Select Interview from the submenu.
|
||||
<li>Fill out as many fields as you want.
|
||||
<li>When you're finished with the Interview form, open the Edit menu and choose Save Form Data.
|
||||
<li>Select Demonstration from the submenu.
|
||||
<li>Follow the instructions.
|
||||
</ol>
|
||||
|
||||
</ul>
|
||||
|
@ -322,7 +304,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Advanced category, choose Forms. (If no options are visible in this category, click to expand the list.)
|
||||
<li>Under the Privacy and Security category, choose Forms. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Form Manager section, deselect "Save form data from web pages when completing forms."
|
||||
</ol>
|
||||
|
||||
|
@ -332,7 +314,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<p>If you provide personal information such as your name, phone number, email address, and so forth, the web site is free to store that information in its database and use it later. A web site might use this information to improve its service to you or target advertising to your interests. A web site could sell the information it has gathered to other companies.
|
||||
|
||||
<p>One way to find out how a web site uses the information it gathers is to check its <a href="#privacy_unauth">privacy policy</a>.
|
||||
<p>One way to find out how a web site uses the information it gathers is to check its <a href="privacy_help.html#privacy_unauth">privacy policy</a>.
|
||||
|
||||
<p>Before providing personal information on an online form, you must decide whether or not you trust the company---just as you judge whether or not you trust a catalog company before you provide your credit card number on the company's order form.
|
||||
|
||||
|
@ -370,13 +352,13 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<a NAME="encrypt_on"></a>
|
||||
<h2>Encrypting Stored Sensitive Information</h2>
|
||||
|
||||
<p>To choose encryption:</p>
|
||||
<p>To turn on encryption for your stored sensitive information:</p>
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu and choose Preferences.
|
||||
<li>Under the Privacy and Security category, choose Passwords.
|
||||
<li>Under the Privacy and Security category, choose Passwords. (If no subcategories are visible, click to expand the list.)
|
||||
<li>In the Encrypting versus Obscuring section, select "Use encryption when storing sensitive data." Remove the checkmark to turn encryption off.
|
||||
<li>Click OK. A new dialog box appears and leads you through the process of choosing a master password.
|
||||
<li>Click OK. If you haven't previously set a master password, a new dialog box appears and leads you through the process of setting it.
|
||||
</ol>
|
||||
|
||||
|
||||
|
@ -384,7 +366,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<a NAME="encrypt_master"></a>
|
||||
<h2>Setting a Master Password</h2>
|
||||
|
||||
<p>If you choose encryption, you'll need a master password. With encryption selected, you'll be asked for your master password at least once during a browser session in which you access any of your stored sensitive information.</p>
|
||||
<p>If you choose to encrypt your stored sensitive information, you'll need a master password. With encryption selected, you'll be asked for your master password at least once during a browser session in which you access any of your stored sensitive information.</p>
|
||||
|
||||
<p>If you choose encryption, but don't already have a master password, you'll be prompted to create one the first time you try to save or retrieve your sensitive information.</p>
|
||||
|
||||
|
@ -395,9 +377,10 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<ol>
|
||||
<li>Open the Tasks menu, choose Privacy and Security, and then choose Password Manager.</li>
|
||||
<li>Select Change Master Password from the submenu. You see the Change Master Password dialog box.
|
||||
<li>Enter your current master password and click OK.</li>
|
||||
<li>Select Change Master Password from the submenu. You see the Set Master Password dialog box.
|
||||
<li>Enter your current master password. </li>
|
||||
<li>Enter your new master password, and retype it to confirm the spelling.</li>
|
||||
<li>Click OK.
|
||||
</ol>
|
||||
|
||||
|
||||
|
@ -405,7 +388,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
<a NAME="encrypt_logout"></a>
|
||||
<h2>Logging Out of Your Master Password</h2>
|
||||
|
||||
<p>Normally, you are asked for your master password once during each browser session in which you access any of your stored sensitive information. However, you can log out of your master password so that it must be entered again before any sensitive information can be stored or retreived. This is useful if you are going to leave your computer unattended for a period of time.</p>
|
||||
<p>Normally, you are asked for your master password once during each browser session in which you access any of your stored sensitive information. However, you can log out of your master password so that it must be entered again before any sensitive information can be stored or retrieved. This is useful if you are going to leave your computer unattended for a period of time.</p>
|
||||
|
||||
<p>To log out of your master password:</p>
|
||||
|
||||
|
@ -450,7 +433,7 @@ A domain cookie is sent back to any site that's in the same domain as the site t
|
|||
|
||||
<hr>
|
||||
|
||||
<p><i>5/9/2001</i></p>
|
||||
<p><i>6/12/2001</i></p>
|
||||
|
||||
<hr>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
<body bgcolor="white">
|
||||
|
||||
<a NAME="validation_first"></a>
|
||||
<h1>Validation Settings</h1>
|
||||
<h2>Validation Settings</h2>
|
||||
|
||||
<p>This section describes how to use the Validation Settings panel. If you are not already viewing the panel, follow these steps:
|
||||
|
||||
|
@ -18,13 +18,28 @@
|
|||
<li>Under the Privacy and Security category, choose Validation. (If no options are visible under Privacy and Security, click its triangle to expand the list.)
|
||||
</ol>
|
||||
|
||||
<h3>OCSP</h3>
|
||||
|
||||
<p>The Online Certificate Status Protocol (OCSP) makes it possible for Certificate Manager to perform an online check of a certificate's validity each time the certificate is viewed or used. This process involves checking the certificate against a certificate revocation list (CRL) maintained at a specified web site. Your computer must be online for OCSP to work.</P>
|
||||
|
||||
<p>To specify how Certificate Manager uses OCSP, choose one of these settings in the OCSP section of Validation Settings:</P>
|
||||
|
||||
<ul>
|
||||
<LI><B>Do not use OCSP for certificate verification.</B> Select this setting if you don't want Certificate Manager to perform an on-line status check each time it verifies a certificate. Instead, whenever Certificate Manager performs <a href="glossary.html#1025527">certificate verification</a>, it only confirms the certificate's validity period and that it is correctly signed by a CA whose own CA certificate is both listed under the CA Certificates tab (in the main Certificate Manager window) and marked as trusted for issuing that kind of certificate.</LI>
|
||||
<LI><B>Use OCSP to verify only certificates that specify an OCSP service URL.</B> Select this setting if you want Certificate Manager perform an on-line status check each time it verifies a certificate that specifies a URL for the purpose of performing such a check. If a URL is specified by the certificate, Certificate Manager makes sure that the certificate is listed there as valid as well as performing the standard checks of validity period and trust settings.</LI>
|
||||
<LI><B>Use OCSP to verify all certificates, using the URL and signer specified here.</B> Select this setting if you want Certificate Manager to perform an on-line status check each time it verifies any certificate. If you select this setting, you should also choose the certificate from the Response Signer pop-up menu that identifies the signer of the OCSP responses. With this setting, the only certificates Certificate Manager recognizes are those that can be verified by an OCSP response signed with the Response Signer certificate (or signed using a certificate that chains to it).<br><br>
|
||||
|
||||
When you choose a Response Signer certificate from the pop-up menu, Certificate Manager fills in the Service URL (if available) for that signer automatically. If the Service URL is not filled in automatically, you must provide it yourself; ask your system administrator for details.</LI>
|
||||
</ul>
|
||||
|
||||
|
||||
|
||||
<p>
|
||||
[ <A HREF="#validation_first">Return to beginning of Validation Settings section</A> ]
|
||||
</p>
|
||||
|
||||
<hr>
|
||||
<p><i>2/5/2001</i></p>
|
||||
<p><i>6/12/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
<body bgcolor="white">
|
||||
|
||||
<a NAME="validation_first"></a>
|
||||
<h1>Validation Settings</h1>
|
||||
<h2>Validation Settings</h2>
|
||||
|
||||
<p>This section describes how to use the Validation Settings panel. If you are not already viewing the panel, follow these steps:
|
||||
|
||||
|
@ -18,13 +18,28 @@
|
|||
<li>Under the Privacy and Security category, choose Validation. (If no options are visible under Privacy and Security, click its triangle to expand the list.)
|
||||
</ol>
|
||||
|
||||
<h3>OCSP</h3>
|
||||
|
||||
<p>The Online Certificate Status Protocol (OCSP) makes it possible for Certificate Manager to perform an online check of a certificate's validity each time the certificate is viewed or used. This process involves checking the certificate against a certificate revocation list (CRL) maintained at a specified web site. Your computer must be online for OCSP to work.</P>
|
||||
|
||||
<p>To specify how Certificate Manager uses OCSP, choose one of these settings in the OCSP section of Validation Settings:</P>
|
||||
|
||||
<ul>
|
||||
<LI><B>Do not use OCSP for certificate verification.</B> Select this setting if you don't want Certificate Manager to perform an on-line status check each time it verifies a certificate. Instead, whenever Certificate Manager performs <a href="glossary.html#1025527">certificate verification</a>, it only confirms the certificate's validity period and that it is correctly signed by a CA whose own CA certificate is both listed under the CA Certificates tab (in the main Certificate Manager window) and marked as trusted for issuing that kind of certificate.</LI>
|
||||
<LI><B>Use OCSP to verify only certificates that specify an OCSP service URL.</B> Select this setting if you want Certificate Manager perform an on-line status check each time it verifies a certificate that specifies a URL for the purpose of performing such a check. If a URL is specified by the certificate, Certificate Manager makes sure that the certificate is listed there as valid as well as performing the standard checks of validity period and trust settings.</LI>
|
||||
<LI><B>Use OCSP to verify all certificates, using the URL and signer specified here.</B> Select this setting if you want Certificate Manager to perform an on-line status check each time it verifies any certificate. If you select this setting, you should also choose the certificate from the Response Signer pop-up menu that identifies the signer of the OCSP responses. With this setting, the only certificates Certificate Manager recognizes are those that can be verified by an OCSP response signed with the Response Signer certificate (or signed using a certificate that chains to it).<br><br>
|
||||
|
||||
When you choose a Response Signer certificate from the pop-up menu, Certificate Manager fills in the Service URL (if available) for that signer automatically. If the Service URL is not filled in automatically, you must provide it yourself; ask your system administrator for details.</LI>
|
||||
</ul>
|
||||
|
||||
|
||||
|
||||
<p>
|
||||
[ <A HREF="#validation_first">Return to beginning of Validation Settings section</A> ]
|
||||
</p>
|
||||
|
||||
<hr>
|
||||
<p><i>2/5/2001</i></p>
|
||||
<p><i>6/12/2001</i></p>
|
||||
<p>Copyright © 1994-2001 Netscape Communications Corporation.</p>
|
||||
|
||||
</body>
|
||||
|
|
Загрузка…
Ссылка в новой задаче