Client Certificates

04-04-2005

I am authenticating users to a site using client certificates and all is well
except for a few issues.

#1) Once a browser has been challenged, if the user leaves the site in the
same browser and then returns the browser isn't recallenged even if the
session has expired. Is there a way to force a rechallenge?

#2) If I want to use the certificate to sign some data I'd like the user to
present the password again to their certificate (to avoid the popped to
toilet security scenario), this is for critical processes.

I tried opening up child windows etc however it seems that parent/child
windows share this authentication information by default and I can't see how
to stop that?

Thankx

Shaun Wilde

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
python xmlrpc client with ssl client certificates and standard modules	News123	Python	9	02-15-2012 01:04 PM
Are SSL certificates and x.509 certificates the same?	n33470	ASP .Net Web Services	0	12-14-2005 03:30 PM
VPN Client to PIX 515 - using certificates doesn't work	Peter	Cisco	7	08-29-2004 04:28 PM
VPN Client <> PIX 515 with certificates (long!)	Patrick M. Hausen	Cisco	0	08-16-2004 12:50 PM
Self-issued certificates and commercial certificates.	Lord Amoeba	Computer Security	2	05-05-2004 01:40 PM