0  
UTHSC-H Digital IDs
Middleware |  Identity Management |  Directory Service |  Authentication |  Authorization |  Digital IDs
 

Accessing Restricted Resources
With Netscape Communicator 

Configuring Certificate Selection

Netscape Communicator can be configured to 
  • ask you every time to select the appropriate certified key to be sent to a requesting resource.
  • automatically select the appropriate key to be sent, or
  • always send the same certified key.
    • To choses a specific certification selection mode, 
  • select the Security Iconsecurity icon, on the browser's  "Navigation Toolbar"
  • This displays the "Security Info" page. 
  • Select the "Navigator" link.
  • The "Navigator" page appears. (See following illustration.)
  • From the pull-down menu, select method for "Certificate to identify you to a web site."

    • navigator settings

    Example 1: User Asked Every Time to Select Certificate and Provide PSE Password

    When one "clicks" on a hyperlink to a resource that requires you to provide a public key, the "Select a Certificate" window appears as illustrated in the following figure. 

    cert selection

    Select the appropriate certificate from the pull-down list and "click" the "Continue" button. The "Password Entry Dialog" box appears. Entering the password to your "personal security environment" (PSE) sends your certified public key to the requesting resource. 

    password box

    If you are an "authorized" user, you will be granted access to the resource.

    Example 2: Browser  Selects Certificate & User Must Provide Password

    When the browser is configured on the "Navigation" page to 
  • automatically select the certificate, or
  • to always send a specific certificate,
    • then only the "Password Entry Dialog" box appears and only the password for your PSE must be entered. 

    Example 3: User Neither Selects Certificate Nor Enters Password

    THIS CONFIGURATION IS NOT RECOMMENDED! IF THE COMPUTER IS LEFT UNATTENDED, ANYONE CAN USE YOUR DIGITAL ID FOR ANY PURPOSE!
    If Communicator is configured both to 
  • not prompt the user to select the certificate sent to a requesting resource (i.e. Example 3), and
  • to leave the PSE unprotected by a password
    • then the browser automatically accesses the restricted resource with no intervention on your part.

    Configurations That Leave Your PSE Password Unprotected


    The Personal Security Environment (PSE) can be left password unprotected in one of three different ways. All three modes are set via the "Passwords" page which is accessed by 

  • selecting the "security icon" on the "Navigation Toolbar", and then
  •  selecting the "Passwords" link on the "Security Info" page
    • If on the "Passwords" page you select the radio button for either 
  • "The first time your certificate is needed", or
  • "After X minutes of inactivity",
    • then your PSE will not be password protected anytime after you once use a certificate (the first case), or anytime for X minutes after it was last used (the second case).
    netscape password settings

    The third way to leave the PSE password unprotected is to totally remove password protection. When one selects the "Change Password" button on the "Passwords" page, the "Change Your Communicator Password" window appears (see next illustration). As noted in the window, if you leave the password fields blank, there will be NO PASSWORD PROTECTION. This also includes no password protection for signing e-mail messages or decrypting encrypted mail.

    netscape changing password


     
     
     
         Digital ID Home Page     

    Last Modified: 
    Office of Academic Computing
    Copyright © 2003 The University of Texas Health Science Center at Houston