Need help understanding security requirements

I do free lance marketing and advertising and I have a prospective client
who says my computers must meet certain requirements before they will do
business with me. They listed the following:

Digital Certificate (including CAC)

Microsoft Cryptographic Application Programming Interface (Crypto API)

Dynamic Linked Library version 2.0.0.0



I don't know what these items are. Can someone please enlighten me? I have
Windows XP Pro on one computer and XP Home on a second computer. I use
Outlook Express for email. Do I already meet any of these requirements and
if not, what would I need to do to meet these requirements?

Thank you,

Steve Smith

Steve Smith

"Steve Smith" <> wrote in
news:_ZJpe.39096$Fv.35636@lakeread01:

> I do free lance marketing and advertising and I have a prospective
> client who says my computers must meet certain requirements before
> they will do business with me. They listed the following:
>
> Digital Certificate (including CAC)
>
> Microsoft Cryptographic Application Programming Interface (Crypto API)
>
> Dynamic Linked Library version 2.0.0.0
>
>
>
> I don't know what these items are. Can someone please enlighten me? I
> have Windows XP Pro on one computer and XP Home on a second computer.
> I use Outlook Express for email. Do I already meet any of these
> requirements and if not, what would I need to do to meet these
> requirements?
>
> Thank you,
>
> Steve Smith
>


OK, I'm going to be a pain in the ass; but, I assure you, my motives are
pure

The three things you listed are labels, names, buzzwords, and NOT
requirements. Without being as abrasive a prick as I am, you should
demand (request?) that your client make clear what it is *exactly* that
he wants.

However, using guesswork and softening my stance a little, I assume your
client is obliged to conform to (or has adopted independently) certain US
DoD & GSA requirements which do "specify" (I'm using the word loosely)
some of the above buzzwords.

In short, these requirements mandate certain authentication methods
(digital certificates) possibly to be used in conjunction with CaCs
(common access cards - aka smartcards). That is, to get access to their
(DoD/GSA) computer systems you must have certain authentication
credentials and run on a modern operating system (Windows XP & IE
qualifies - i.e., uses crypto API/DLL 2.0 - which tells you something
about how artificial all this **** is!)
..
As a Canadian I'm delightfully free of this bureaucratic morass, so
that's about as far along the path as I can take you. Bonne chance!

Regards,

PS Here's one company that supplies certificates:

http://www.digsigtrust.com/federal/dod_2.html

nemo_outis

Steve Smith wrote:
> I do free lance marketing and advertising and I have a prospective client
> who says my computers must meet certain requirements before they will do
> business with me. They listed the following:
>
> Digital Certificate (including CAC)
>
> Microsoft Cryptographic Application Programming Interface (Crypto API)
>
> Dynamic Linked Library version 2.0.0.0
>
>
>
> I don't know what these items are. Can someone please enlighten me? I have
> Windows XP Pro on one computer and XP Home on a second computer. I use
> Outlook Express for email. Do I already meet any of these requirements and
> if not, what would I need to do to meet these requirements?
>
> Thank you,
>
> Steve Smith
>
>
>
>
>
>
You have the crypto API, and the DLL. The CAC is a smart card that
contains a digital certificate. Word of warning here as there are
several CAC types available and you may need to be cognizant of which
CAC certificate compatibility is required and the required cert length
as there are several cert types used by different entities. Obviously
you will also need a compatible CAC reader and supporting CAC software.

Typical smartcards (CAC) run about $50 to $75 Readers run under 50$ and
the authentication software for the CAC typically runs about $100 (low
quantities).

I believe you will also need Outlook instead of Outlook express.
Typically that runs about $100 by itself or about $400 if you by the MS
office suite. I have been unsuccessful in getting CAC to authenticate
successfully in Firefox (web transactions). It has required IE 5.5 or
above to successfully do web CAC authentication, your mileage may vary.

Q: Do they indicate who the cert authority will be? There is typically
a charge for this service and for writing the certificates to the CAC.

Winged

Winged