- Community Home
- >
- Services
- >
- Legacy
- >
- Insight Remote Security
- >
- Re: ISEE client authentication/encryption mechanis...
Insight Remote Security
1748246
Members
3819
Online
108760
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-22-2003 12:46 AM
тАО12-22-2003 12:46 AM
ISEE client authentication/encryption mechanism
In the ISEE documentation we find :
Security of client-server network communications:
├в ┬в Secure communications between clientserver components is implemented using http encrypted with RC4 private-key encryption and machine to machine X.509v3 digital certificate authentication.
├в Security for content (MAPs):
├в ┬в Content security is implemented using X.509v3 digital certificates and MD5 message digest to digitally sign content to verify integrity and authenticate origin.
Communication is standard http (so not SSL based). so my questions: how is the above implemented? how is the private key used in RC4 is made available on all communicating parties? (Clients and HP backend in SC, and clients and SPOP in AC.)
How is the certificate based authentication is implemented, are certificates exchanged at the moment the http connection is established, are both client and server authenticated, are certificates installed on the clients/SPOP during implementation etc...
Is content security (digitally signing content via MD5 hash and private key of sender)implemented the same way between clients and spop, clients and backend HP,Spop and backend HP, if not what 's the dif
Security of client-server network communications:
├в ┬в Secure communications between clientserver components is implemented using http encrypted with RC4 private-key encryption and machine to machine X.509v3 digital certificate authentication.
├в Security for content (MAPs):
├в ┬в Content security is implemented using X.509v3 digital certificates and MD5 message digest to digitally sign content to verify integrity and authenticate origin.
Communication is standard http (so not SSL based). so my questions: how is the above implemented? how is the private key used in RC4 is made available on all communicating parties? (Clients and HP backend in SC, and clients and SPOP in AC.)
How is the certificate based authentication is implemented, are certificates exchanged at the moment the http connection is established, are both client and server authenticated, are certificates installed on the clients/SPOP during implementation etc...
Is content security (digitally signing content via MD5 hash and private key of sender)implemented the same way between clients and spop, clients and backend HP,Spop and backend HP, if not what 's the dif
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-22-2003 06:44 PM
тАО12-22-2003 06:44 PM
Re: ISEE client authentication/encryption mechanism
Hello,
If I got all this correct, the symmectic key is exchanged with RSA public-key encryption cipher with 2048-bit key. For every new data transfer you will have a new symmetic key.
Certificates will be send from client and server at the beginning of the communication, they are installed during installation.
The communication between client and backend and client and SPOP is nearly the same, means the content security is the same as well. I├В┬┤m not 100% sure but it should be the same for SPOP <--> backend as well.
Regards
Frau
If I got all this correct, the symmectic key is exchanged with RSA public-key encryption cipher with 2048-bit key. For every new data transfer you will have a new symmetic key.
Certificates will be send from client and server at the beginning of the communication, they are installed during installation.
The communication between client and backend and client and SPOP is nearly the same, means the content security is the same as well. I├В┬┤m not 100% sure but it should be the same for SPOP <--> backend as well.
Regards
Frau
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-22-2003 07:30 PM
тАО12-22-2003 07:30 PM
Re: ISEE client authentication/encryption mechanism
Hi,
I've been looking for several weeks now on detailed infoemation on how ISEE actually works (regarding autentication and encryption between all communicating parties)and I get the impression that these things are not documented anywhere and nobody is really sure or can give a formal answer.
But if I got your answer correct you're saying clients get their certificate the moment the isee SW is installed on them. How does this happen? What generates these certificates because they're unique to the subject(client), right ?
In public key cryptography they're generated by CA's, which can be public independant entities, but can also be private organisations. In ISEE's case it's HP itself that's the CA? correct? So is there some certificate generating SW on the spop or Backend that issues these certificates for the installed clients or how is it implemented?
I've been looking for several weeks now on detailed infoemation on how ISEE actually works (regarding autentication and encryption between all communicating parties)and I get the impression that these things are not documented anywhere and nobody is really sure or can give a formal answer.
But if I got your answer correct you're saying clients get their certificate the moment the isee SW is installed on them. How does this happen? What generates these certificates because they're unique to the subject(client), right ?
In public key cryptography they're generated by CA's, which can be public independant entities, but can also be private organisations. In ISEE's case it's HP itself that's the CA? correct? So is there some certificate generating SW on the spop or Backend that issues these certificates for the installed clients or how is it implemented?
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP