Re: single-signon with X.509 certificates
From: Thomas Vincent (thomasv_at_mac.com)
Date: 11 Mar 2004 20:25:28 -0800
PKI is generally used for authentication and verifying the integrity
of the data. The authorization is stored in the directory (LDAP) and
or the application. It is hard to give you a complete answer when we
don't know what the operating systems your using are. The fact that
the digital certicate is on a USB token is irrelevant. The computer
will simpley look at that as just another device aka. hard drive.
PKI is a messy business right now with a bunch of vendors (ENTRUST)
trying to create stovepipe solutions. Basically because they know that
PKI is largely becoming a commidity not something unique.
A quick search of google turns up a ton of information on the subject.
"Edward A. Feustel" <firstname.lastname@example.org> wrote in message news:<c1kobi$72n$1@merrimack.Dartmouth.EDU>...
> "Michel Oosterhof" <email@example.com> wrote in message
> > firstname.lastname@example.org (paul b) writes:
> > >Hello,
> > >I need some help for a single signon system that I have to develop for
> > >a society during the next few month
> > >The system has to work in the following way:
> > >The users have to do a single authentication against the system using
> > >a X.509 certificate stored on an USB-token. Once this authentication
> > >is correct, they will get access to some proprietary applications. All
> > >the security has to lie thus on the certificates.