Certificate Authorities: How Valuable Are They?
Netscape Communications Corp.'s Certificate Server 1.0
Ever get the feeling--and this applies to many vendors' wares--that products considered beta should really be called alpha, and that version 1.0 products more aptly should be viewed as beta? Netscape's Certificate Server 1.0 is one such example. It runs on several platforms, though we chose to evaluate it solely on the Intel-Windows NT platform. Installation was a bit rough and definitely confusing; we had to keep track of multiple user names and a significant number of passwords, and we were forced to run obscure key-generating commands from the DOS shell. This was not a big deal, but it makes you wonder why half of the installation process is GUI-based and the other half runs from the command line. Another mystery was why Netscape's manuals referenced the wrong file name for the zip file, and why we had to unzip the file in the first place (what happened to the install wizard?).
No Scary Surprises
But such complaints aside, the server performed without any surprises and appeared to be quite stable once we had it up and running. Certificate Server relies on its Informix database for key storage and management, but the database must be running before the Certificate Server can be installed. Although we're comfortable with Informix as the database of choice, its necessity adds another layer of complexity when troubleshooting. Fortunately, nothing went wrong during our testing.
Typical of any Netscape server line, most of the administration is done via the browser, and administrators get a decent set of tools. To request a certificate, users fill out an included form, which goes to the administration queue for approval over a separate, secured page. When a request is approved and a certificate is issued, the server can e-mail the administrator with a URL of where to pick up the certificate. From the user's perspective, dealing with the Netscape Certificate Server is like dealing with a larger public CA--the same ease of use is there.
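The request, queue, approve, issue and pick-up cycle just described, as an added illustration that is not Netscape's code and not part of any product in this review: a minimal in-memory CA written in Go on top of the standard crypto/x509 package. The user side builds a PKCS #10 request, the server side checks the request's proof of possession before queuing it, an administrator approval signs the end-entity certificate, and a relying party verifies the result against the CA. The CA name, the user name and the e-mail address in the test are constructed, and the queue is a plain map standing in for the Informix store the server actually uses.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

// CA models the issuing side: its signing key, its own certificate and the queue
// of requests awaiting administrator approval (in memory here; illustrative only).
type CA struct {
	key    *ecdsa.PrivateKey
	cert   *x509.Certificate
	serial int64
	queue  map[int64]*x509.CertificateRequest
}

// NewCA creates a self-signed CA certificate permitted to sign end-entity certs.
func NewCA(name string) (*CA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, err }
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { return nil, err }
	cert, err := x509.ParseCertificate(der)
	if err != nil { return nil, err }
	return &CA{key: key, cert: cert, serial: 1, queue: map[int64]*x509.CertificateRequest{}}, nil
}

// NewRequest is the user's side of the request form: generate a key pair and
// a PKCS #10 CSR carrying the name and e-mail address to be certified.
func NewRequest(cn, email string) (*ecdsa.PrivateKey, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, nil, err }
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}, EmailAddresses: []string{email}}
	der, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	return key, der, err
}

// Submit parses a CSR, checks its proof of possession (the self-signature made
// with the requester's private key) and places it in the administrator's queue.
func (ca *CA) Submit(csrDER []byte) (int64, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil { return 0, err }
	if err := csr.CheckSignature(); err != nil { return 0, err }
	ca.serial++
	ca.queue[ca.serial] = csr
	return ca.serial, nil
}

// Approve is the administrator's action on the secured page: the request leaves
// the queue and an end-entity certificate is signed with the CA key. IsCA stays
// false, so an issued certificate can never be used to sign further ones, and the
// extended key usage confines it to e-mail protection (S/MIME).
func (ca *CA) Approve(id int64) ([]byte, error) {
	csr, ok := ca.queue[id]
	if !ok { return nil, errors.New("no pending request with that id") }
	delete(ca.queue, id) // a request can be approved only once
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(id),
		Subject:               csr.Subject,
		EmailAddresses:        csr.EmailAddresses,
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(90 * 24 * time.Hour),
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
	}
	return x509.CreateCertificate(rand.Reader, tmpl, ca.cert, csr.PublicKey, ca.key)
}

// Verify is what a relying party (an S/MIME client, say) does with a certificate
// it has picked up: build a chain to the trusted CA for the e-mail usage.
func (ca *CA) Verify(certDER []byte) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil { return err }
	roots := x509.NewCertPool()
	roots.AddCert(ca.cert)
	_, err = cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection}})
	return err
}
```

Three checks in this flow are the ones worth looking for in any CA product: the request's signature is verified before it is queued, so nobody can obtain a certificate for a public key whose private half they do not hold; approval removes the request from the queue, so a single administrator click cannot be replayed into two certificates; and the issued certificate carries no CA flag and only the e-mail extended key usage, so it cannot be turned into an issuing certificate or presented as a TLS server certificate.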
However, Certificate Server 1.0's strength lies not in the server itself but in its potential to integrate into a fully functioning public key infrastructure (PKI). Netscape's Certificate Server interoperates with the Lightweight Directory Access Protocol (LDAP)-based Netscape Directory Server, which in turn works with the Netscape Mail Server. This trio, combined with Secure/Multipurpose Internet Mail Extensions (S/MIME) and other e-mail capabilities expected to be included in the final release of Netscape's Communicator (the next version of Navigator), will allow Netscape to offer a significant contribution to a standards-based environment--provided all the pieces are implemented correctly.
Xcert Software's Sentry CA
If you're one of those people who think all Unix-based products are plagued by intricate installations that require deeper knowledge of the OS, you're in for a surprise with Xcert's Sentry CA. Netscape should take some lessons from Xcert: We installed Xcert's Sentry CA product on Solaris x86, and it took all of 10 minutes--it was that simple. Best of all, the brief documentation was completely accurate. Once up, Xcert's Sentry CA functions much like Netscape's server. Users may request certificates via included forms, administrators can approve and e-mail responses, and everything can be done using standard browsers. Where Sentry CA varies from other CAs is in its back end. Xcert uses its own database, called XUDA, which communicates via SSL-LDAP. By using LDAP securely, companies can create robust certificate systems incorporating multiple servers, all using industry-standard protocols.
Xcert is working with Fischer International Systems Corp. to create an S/MIME client that takes advantage of Fischer's smart-card products. Although Xcert doesn't have the internal product tie-ins Netscape can offer, what it does have works very well.
Frontier Technologies Corp.'s e-Lock
Frontier takes a package approach to certificate authentication: Its e-Lock product ties right into its other TCP/IP-based applications. We tested e-Lock, which includes a Simple Mail Transfer Protocol/Post Office Protocol (SMTP/POP)-based mail server, Web server and a certificate issuer, using NT 4.0 on an Intel platform. Frontier is one of the first vendors to have a Windows-based client that supports S/MIME--a protocol that uses public key encryption over e-mail.