[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

HTTPAPI using SSL - any system security implications?

To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: HTTPAPI using SSL - any system security implications?
From: Darrell Kavanagh <DKavanag@xxxxxxxxxxx>
Date: Thu, 10 May 2007 10:32:01 +0100
List-help: <mailto:ftpapi-request@lists.scottklement.com?subject=help>
List-id: HTTPAPI and FTPAPI Projects <ftpapi.lists.scottklement.com>
List-post: <mailto:ftpapi@lists.scottklement.com>
List-subscribe: <http://www.scottklement.com/mailman/listinfo/ftpapi>, <mailto:ftpapi-request@lists.scottklement.com?subject=subscribe>
List-unsubscribe: <http://www.scottklement.com/mailman/listinfo/ftpapi>, <mailto:ftpapi-request@lists.scottklement.com?subject=unsubscribe>
Reply-to: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sender: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx



Hi,

First of all, many thanks for HTTPAPI - it has greatly simplified my
project.

I need to retrieve an XML document from a secure server. We have all the
requirements for SSL set up on our box, and we don't need to install a
particular certificate or anything like that, so after granting user access
to the *SYSTEM certificate store, I understand that it should "just work".

However our operations dept is asking about the security implications of
opening up the *SYSTEM certificate store to users. I don't have quite
enough knowledge to reassure them. Can anyone help on this?

Am I right in thinking that adopted authority will not work with the
certificate store ('cos its on the ifs)? Presumably this means that we need
to grant certificate store access directly to all groups who need the SSL
functionality?

Many thanks,

Darrell


----------------------------------------------------------------------
The information contained in this e-mail and any subsequent
correspondence is private and confidential and intended solely 
for the named recipient(s).  If you are not a named recipient, 
you must not copy, distribute, or disseminate the information, 
open any attachment, or take any action in reliance on it.  If you 
have received the e-mail in error, please notify the sender and delete
the e-mail.  
 
Any views or opinions expressed in this e-mail are those of the 
individual sender, unless otherwise stated.  Although this e-mail has 
been scanned for viruses you should rely on your own virus check, as 
the sender accepts no liability for any damage arising out of any bug 
or virus infection.

John Wiley & Sons Limited is a private limited company registered in
England with registered number 641132.

Registered office address: The Atrium, Southern Gate, Chichester,
West Sussex, PO19 8SQ.
----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Follow-Ups:
- Re: HTTPAPI using SSL - any system security implications?
  - From: Scott Klement

Prev by Date: Re: Install 2 versions of HTTPAPI on the same computer ?
Next by Date: Re: AW: AW: HTTPAPI / call webservice in base64binary-code
Previous by thread: RE: Install 2 versions of HTTPAPI on the same computer ?
Next by thread: Re: HTTPAPI using SSL - any system security implications?
Index(es):
- Date
- Thread