[5045] in WWW Security List Archive
Re: Secure WWW & FTP pointers
daemon@ATHENA.MIT.EDU (Adam Shostack)
Sat Apr 12 22:13:38 1997
From: Adam Shostack <adam@homeport.org>
In-Reply-To: <m0wFm0u-00001cC@vais.net> from Chris Roger at "Apr 11, 97 03:36:48 pm"
To: croger@vais.net (Chris Roger)
Date: Sat, 12 Apr 1997 17:11:43 -0500 (EST)
Cc: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Virtual Vault provides a secure (resistant to being broken
into) web server. It won't strongly authenticate your users unless
you use strong authentication, which to me usually means either
encryption tools for the files (so that you can sign them), or less
ideally, login tokens like SNK to authenticate users.
You get substantially more verification that a client uploaded
file X if X is signed by the client than if you used strong login
authentication.
Adam
Chris Roger wrote:
[Charset ISO-8859-1 unsupported, filtering to ASCII...]
| Hello,
|
| I was wondering if anyone had any experience with
| HP's VirtualVault Web server.
| (http://hpcc920.external.hp.com/gsy/security/virvault/)
|
| We are looking for very secure servers (WWW and FTP)...
| we need verification that clients (who upload files) are who
| they say they are, as well as secure transactions.
|
| Any help/pointers appreciated.
|
| ======================================================
| Chris Roger * croger@vais.net * President
| Netsus, LLC * Virtual Web Site Hosting/Design * Data Circuits
| Virginia Internet Services * Dialup Internet Access
| phone://703.913.0823 * fax://703.913.9775 * http://www.vais.net
|
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
