diff --git a/security/psm/doc/glossary.htm b/security/psm/doc/glossary.htm index 7817552198c..b2730ea56a4 100644 --- a/security/psm/doc/glossary.htm +++ b/security/psm/doc/glossary.htm @@ -96,7 +96,7 @@ A list of revoked certificates that is generated and signed by a certificate store.  - + The collection of certificates, or electronic IDs, maintained by Personal Security Manager on your behalf. These include your own certificates stored on one or more security devices, other people's certificates, web site certificates, and CA certificates. See also certificate authority (CA), certificate, security device.

@@ -199,6 +199,11 @@ A large number used by a cryptographic algorithm< A protocol for accessing directory services across multiple platforms. LDAP is a simplified version of Directory Access Protocol (DAP), used to access X.500 directories.

+ +master key.  + +A symmetric key used by Personal Security Manager to encrypt information on behalf of other applications. For example, Netscape 6 uses Personal Security Manager and your master key to encrypt email passwords, web site passwords, and other stored identity information. See also symmetric encryption.

+ misrepresentation.  @@ -234,10 +239,10 @@ A set of rules that Personal Security Manager follows to perform an online check Confident identification by means of a name and password. See also authentication.

- -personal security password.  - -A password used by Personal Security Manager to protect private keys stored on a security device. Personal Security Manager needs to access your private keys, for example, when you sign email messages or use one of your own certificates to identify yourself to a web site. You can set or change the password from the Certificates tab in Personal Security Manager. You can also control when you will be asked for the password: the first time Personal Security Manager starts up, every time one of your certificates is requested, or after a specified period of inactivity while you are visiting a site that supports encryption. Each security device requires a separate personal security password.

+ +Personal Security Password.  + +A password used by Personal Security Manager to protect the master key and/or private keys stored on a security device. Personal Security Manager needs to access your private keys, for example, when you sign email messages or use one of your own certificates to identify yourself to a web site. It needs to access your master key when it encrypts or decrypts information on behalf of another application—for example, when Netscape 6 needs to store or access your email password. You can set or change your personal security password from the Certificates tab in Personal Security Manager. Each security device requires a separate Personal Security Password. See also private key, master key.

PKCS #11.  @@ -262,7 +267,7 @@ One of a pair of keys used in public-key cryptography. The private key is kept s PSM Private Keys security device.  -The default security device used by Personal Security Manager to store certificates and private keys.

+The default security device used by Personal Security Manager to store private keys associated with your certificates. In addition to private keys, the PSM Private Keys security device stores the master key used by Netscape 6 to encrypt email passwords, web site passwords, and other identity information. See also private key, master key.

public key.  @@ -297,7 +302,7 @@ See certificate.

security device.  -A hardware or software device that provides cryptographic services such as encryption and decryption and can store certificates and keys. A smart card is one example of a hardware security device. Personal Security Manager contains its own internal security device, called the PSM Private Keys security device, that is implemented in software. Each security device is protected by its own personal security password.

+A hardware or software device that provides cryptographic services such as encryption and decryption and can store certificates and keys. A smart card is one example of a hardware security device. Personal Security Manager contains its own internal security device, called the PSM Private Keys security device, that is implemented in software. Each security device is protected by its own Personal Security Password.

security module.  diff --git a/security/psm/doc/help.htm b/security/psm/doc/help.htm index 6bb1edb84dd..971eadc3331 100644 --- a/security/psm/doc/help.htm +++ b/security/psm/doc/help.htm @@ -658,7 +658,7 @@ Certificates—Mine The Mine panel of the Certificates tab in Personal Security Manager allows you to examine and work with the certificates in your certificate store that identify you, and to set related security passwords. For instructions on how to use this panel, read the sections that follow.

-For short definitions, click certificate, certificate store, digital signature, encryption, or personal security password. For an overview of Personal Security Manager and network security concepts, see Introduction to Personal Security Manager.

+For short definitions, click certificate, certificate store, digital signature, encryption, or Personal Security Password. For an overview of Personal Security Manager and network security concepts, see Introduction to Personal Security Manager.

 

@@ -669,29 +669,31 @@ The following actions don't require a certificate to be selected first:

 

-Choose a Personal Security Password

-A personal security password protects a security device that contains your certificates and their associated private keys. Personal Security Manager asks for this password, for example, when you sign email messages or use one of your own certificates to identify yourself to a web site.

- -A security device may be the one that is maintained internally by Personal Security Manager (called PSM Private Keys security device), or it may be an external hardware device, such as a smart card. Each security device requires a separate personal security password.

- -For example, if you are using one or more smart cards to store some of your certificates, you must set a separate personal security password for each one. If you also use the internal PSM security device to store some certificates, you must set a separate personal security password for it as well.

 - -If someone uses your computer who knows or can guess the personal security password for any security device available to Personal Security Manager, that person can send messages or access web sites while pretending to be you. This can have negative consequences—for example, if you digitally sign important email messages or manage your financial accounts over the Internet. Therefore, it's important to select a password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you may not be able to read any encrypted mail stored on your computer.

- +Choose a Personal Security Password

+Your Personal Security Password protects keys associated with your identity, such as the key that protects your stored passwords or a private key associated with a certificate. These keys are stored on a security device, such as the default device maintained internally by Personal Security Manager (called PSM Private Keys security device) or an external smart card.

+ +The Personal Security Password for the default PSM Private Keys security device also protects your master key, which is a special key used by Personal Security Manager to encrypt information on behalf of other applications. For example, Netscape 6 uses Personal Security Manager and your master key to encrypt email passwords, web site passwords, and other stored identity information.

 + +If someone uses your computer who knows or can guess the personal security password for any security device available to Personal Security Manager, that person can use email or access web sites while pretending to be you. This can be dangerous—for example, if you digitally sign important email messages or manage your financial accounts over the Internet. Therefore, it's important to select a personal security password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you may not be able to access important information, such as web sites that require passwords or certificates, or encrypted mail stored on your computer.

+ +Note that each security device requires a separate Personal Security Password. For example, if you are using one or more smart cards to store some of your certificates, you must set a separate Personal Security Password for each one.

 + +Choose a Good Password

Good passwords have the following characteristics:

-The Personal Security Password window allows you to change the password and to set how often Personal Security Manager requires it. Here are some things you should consider when selecting these options

 -  +
  • Uppercase letters

  • Lowercase letters

  • Numbers

  • Symbols

    • + +Set the Frequency of Password Requests

    +The Personal Security Password window also allows you to set how often Personal Security Manager requires your Personal Security Password. Here are some things you should consider when selecting these options:

    + 

    Choose a Portable Security Password

    A portable security password protects one or more certificates that you are backing up using the Backup or Backup All button in the Mine section of the Certificates tab. Personal Security Manager asks you to set a portable security password when you back up certificates, and requests it when you attempt to restore certificates that have previously been backed up.

    -Important: When you click the Backup All button, Personal Security Manager attempts to back up all of your certificates that are stored on the default PSM Private Keys security device. Certificates backed up in this manner cannot be restored unless you are using Comunicator 4.71 or later versions, or unless you are using Communicator 4.7 with Personal Security Manager.

    +Important: When you click the Backup All button, Personal Security Manager attempts to back up all of your certificates associated private keys stored on the default PSM Private Keys security device. Certificates backed up in this manner cannot be restored unless you are using Comunicator 4.71 or later versions, or unless you are using Communicator 4.7 with Personal Security Manager.

    -The Backup All button does not back up any certificates that are stored on security devices other than the default PSM Private Keys device. For example, Backup All will not back up any certificates in the list that are stored on a smart card inserted in a smart card reader attached to your computer. Certificates stored on security device s other than PSM Private Keys must each be backed up individually by selecting the name of the certificate and clicking the Backup button.

     +The Backup All button does not back up any certificates that are stored on security devices other than the default PSM Private Keys device. For example, Backup All will not back up any certificates in the list that are stored on a smart card inserted in a smart card reader attached to your computer. Certificates stored on security devices other than PSM Private Keys must each be backed up individually by selecting the name of the certificate and clicking the Backup button.

    If someone obtains the file containing a certificate that you have backed up and successfully restores the certificate, that person can send messages or access web sites while pretending to be you. This can have negative consequences, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet. Therefore, it's important to select a Portable Security Password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you can't restore the backup of your certificate.

     @@ -803,7 +805,7 @@ Modules A Public Key Cryptography Standard (PKCS) #11 module (sometimes called a security module) is a program that works with Personal Security Manager to manage cryptographic services such as encryption and decryption. PKCS #11 modules control security devices that can be implemented in either hardware or software.

     -A PKCS #11 module controls one or more security devices (sometimes called tokens) in much the same way that a software driver controls an external device such as a printer or modem. A security device, which can be implemented in software or hardware, provides cryptographic services such as encryption and decryption and optionally stores certificates and keys. Personal Security Manager contains its own internal software security devices. A smart card is one example of an external hardware security device. Each security device is protected by its own personal security password.

    +A PKCS #11 module controls one or more security devices (sometimes called tokens) in much the same way that a software driver controls an external device such as a printer or modem. A security device, which can be implemented in software or hardware, provides cryptographic services such as encryption and decryption and optionally stores certificates and keys. Personal Security Manager contains its own internal software security devices. A smart card is one example of an external hardware security device. Each security device is protected by its own Personal Security Password.

    Personal Security Manager provides a built-in PKCS #11 module that controls the internal Personal Security Manager security devices. You may install additional modules on your computer to control smart cards or other external security devices.