Securing Novell GroupWise           ®   ®



through SSL and S/Mime

Dirk Giles
GroupWise Software Engineer
dpgiles@novell...
Agenda

    •   LDAP authentication and Novell GroupWise
                                           ®      ®



        Po...
LDAP Authentication
Why Use LDAP Authentication?

    •   Uses user's directory password
         –   Minimizes password management requiremen...
LDAP Authentication Planning

    •   LDAP Server information
         –   Use SSL or not?
              >   SSL key file
...
LDAP Authentication Planning                          Part 2

    •   Use proxy user?
         –   Access the directory wi...
Export LDAP Certificate
    Which One?




7   © Novell, Inc. All rights reserved.
Export LDAP Certificate
    Certificate Properties




8   © Novell, Inc. All rights reserved.
Export LDAP Certificate
    Export Wizard – No Private Key




9   © Novell, Inc. All rights reserved.
Export LDAP Certificate
     Export Wizard – Output Format and Filename




10   © Novell, Inc. All rights reserved.
LDAP Server Configuration
     Novell GroupWise System Tools
                       ®                   ®




11   © Novel...
LDAP Server Configuration
     LDAP Server List




12   © Novell, Inc. All rights reserved.
LDAP Server Configuration
     LDAP Server Options




13   © Novell, Inc. All rights reserved.
Post Office Configuration
     Security Settings




14   © Novell, Inc. All rights reserved.
Post Office Configuration
     LDAP Server Selection




15   © Novell, Inc. All rights reserved.
LDAP Authentication Demonstration
Securing Novell GroupWise with SSL
              ®          ®
Novell GroupWise Security and SSL
                             ®             ®




     •   Enhances native messaging encr...
Where Do I Start?

     1. Get a certificate!
          –   Generate a Certificate Signing Request (CSR)

               >...
Generate Certificate Signing Request
     Novell GroupWise Generate CSR Utility (GWCSRGEN)
                     ®         ...
Request the Certificate

     •   Submit the certificate signing request to a
         certificate authority
          –  ...
Create a Certificate

     •   Novell Certificate Server and Novell eDirectory
                                           ...
Create a Certificate using
     Novell Certificate Server               ™



     •   Enter certificate signing request

 ...
Issuing a Certificate with ConsoleOne ®


     Issue Certificate Wizard




24   © Novell, Inc. All rights reserved.
Issuing a Certificate with ConsoleOne ®


     Enter certificate signing request




25   © Novell, Inc. All rights reserv...
Issuing a Certificate with ConsoleOne ®


     Select key type and usage




26   © Novell, Inc. All rights reserved.
Issuing a Certificate with ConsoleOne ®


     Select validity period




27   © Novell, Inc. All rights reserved.
Issuing a Certificate with ConsoleOne ®


     Select output format and filename




28   © Novell, Inc. All rights reserv...
Issuing a Certificate with YaST
     Enter Certificate Authority




29   © Novell, Inc. All rights reserved.
Issuing a Certificate with YaST
     Select Export to File




30   © Novell, Inc. All rights reserved.
Issuing a Certificate with YaST
     Select output format and filename




31   © Novell, Inc. All rights reserved.
Issuing a Certificate with YaST
     Save certificate




32   © Novell, Inc. All rights reserved.
Issuing a Certificate with YaST
     Save key




33   © Novell, Inc. All rights reserved.
Certificate Generation Demonstration
Install the Certificate

     2. Install the certificate!
          –   Use ConsoleOne to designate the certificate
      ...
Configure Access
     Network Access Tab

     3. Enable SSL and configure access
          –   Disabled, Enabled, and Req...
Equivalent Command Line Options




37   © Novell, Inc. All rights reserved.
GWPOA Certificate
Installation Demonstration
Securing Novell GroupWise Internet Agent
              ®          ®
Securing the Novell GroupWise         ®           ®



     Internet Agent with SSL
     •   Secure Connections to other S...
Securing the GWIA with SSL
     Install the Certificate




41   © Novell, Inc. All rights reserved.
Securing the GWIA with SSL
     Enabling SSL




42   © Novell, Inc. All rights reserved.
Securing Novell GroupWise
               ®           ®



Internet Agent Demonstration
Securing Novell GroupWise WebAccess
             ®         ®
Securing WebAccess with SSL

     •   Securing WebAccess Agent - WebConsole

     •   Securing WebAccess Application (Apac...
Securing WebAccess Agent
     Install Certificate




46   © Novell, Inc. All rights reserved.
Securing WebAccess Agent
     Enabling SSL




47   © Novell, Inc. All rights reserved.
Securing WebAccess Agent Demonstration
Securing WebAccess Application
     Linux - Apache

     •   Modify /etc/sysconfig/apache
          –   APACHE_SERVER_FLAG...
Securing WebAccess Application
     Linux - Apache

     •   Restart apache2 by typing “rcapache2 restart”

     •   If th...
Securing Apache on Linux Demonstration
Securing WebAccess Application
     NetWare - Apache        ®




     •   Apache on NetWare by default enables SSL but us...
Securing WebAccess Application
     Windows 2008 - IIS




53   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Windows 2008 - IIS




54   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Windows 2008 - IIS




55   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Windows 2008 - IIS




56   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Windows 2008 - IIS




57   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Windows 2008 - IIS

     Sign the CSR using ConsoleOne and issue the
                 ...
Securing WebAccess Application
     Windows 2008 - IIS




59   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Windows 2008 - IIS




60   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Enabling SSL




61   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Enabling SSL




62   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Enabling SSL




63   © Novell, Inc. All rights reserved.
Securing WebAccess Application
     Enabling SSL




64   © Novell, Inc. All rights reserved.
Securing IIS on Windows Demonstration
Secure Internet Email with S/MIME
Secure Internet Email with S/MIME

     •   What is S/MIME
          –   Digital Signature
          –   Encryption (Symme...
What is S/MIME?

     •   S/MIME is an acronym for Secure/Multipurpose
         Internet Mail Extensions

     •   It is a...
Digital Signature

     •   Signature – A signature in simple terms is a
         handwritten depiction of someone's name ...
Encryption

     •   Encryption – A process of transforming information
         using an information to make it unreadabl...
Symmetric vs Asymmetric

     •   Symmetric
          –   Same key is used for Encryption and Decryption

     •   Asymmet...
Advantages/Disadvantages

     •   Advantages
          –   Authenticity and Protection of the Message

     •   Disadvant...
Creating and Importing User Certificates
     (Public Key and Private Key)

     •   Administrator
          –   Creates t...
Creating User Certificates
     Login to iManager as admin




74   © Novell, Inc. All rights reserved.
Creating User Certificates
     Create Certificate for users




75   © Novell, Inc. All rights reserved.
Creating User Certificates
     Create Certificate for users




76   © Novell, Inc. All rights reserved.
Creating User Certificates
     Create Certificate for users




77   © Novell, Inc. All rights reserved.
Creating User Certificates
     Create Certificate for users




78   © Novell, Inc. All rights reserved.
Creating User Certificates
     Create Certificate for users




79   © Novell, Inc. All rights reserved.
Creating User Certificates
     Create Certificate for users




80   © Novell, Inc. All rights reserved.
Importing User Certificates
     Administrator sets the URL




81   © Novell, Inc. All rights reserved.
Importing User Certificates
     Administrator sets the URL




82   © Novell, Inc. All rights reserved.
Importing User Certificates
     Administrator sets the URL




83   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




84   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




85   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




86   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




87   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




88   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




89   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




90   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




91   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




92   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




93   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




94   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




95   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




96   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




97   © Novell, Inc. All rights reserved.
Importing User Certificates
     User Imports the Certificate




98   © Novell, Inc. All rights reserved.
Exchanging Public Keys/Certificates

     •   Sender
          –   Sends a digitally signed message

     •   Receiver
   ...
Exchanging Public Key
      Sender sends Digitally Signed Message




100   © Novell, Inc. All rights reserved.
Exchanging Public Keys
      Receiver receives Digitally Signed Message along
      with the sender's Certificate




101 ...
Encrypting/Decrypting Mails

      •   Sender (Original Receiver)
           –   Encrypts an email using the Receivers Cer...
Exchanging Public Keys
      Send Encrypted Message




103   © Novell, Inc. All rights reserved.
Exchanging Public Keys
      Receive Encrypted Message




104   © Novell, Inc. All rights reserved.
Overview

      •   User1 sends a digitally signed message to User2

      •   User2 receives the digitally signed message...
S/MIME Demonstration
Questions?
Unpublished Work of Novell, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, propriet...
Securing Novell GroupWise through SSL and S/MIME
Upcoming SlideShare
Loading in...5
×

Securing Novell GroupWise through SSL and S/MIME

6,811

Published on

Novell GroupWise has always been known for its security, but there's even more you can do. Attend this session to learn about areas that are frequently overlooked in the security of Novell GroupWise environments. With the help of product demonstrations, participants will learn how to implement secure LDAP authentication, how to enhance the security of GroupWise communication with SSL and how to roll out S/MIME to GroupWise users.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
6,811
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
252
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Securing Novell GroupWise through SSL and S/MIME

  1. 1. Securing Novell GroupWise ® ® through SSL and S/Mime Dirk Giles GroupWise Software Engineer dpgiles@novell.com Mukesh Jethwani Novell WorldWide Support Engineer mjethwani@novell.com
  2. 2. Agenda • LDAP authentication and Novell GroupWise ® ® Post Offices • Novell GroupWise Agents and SSL – Certificate Generation – Installing and Enabling SSL – Securing GWIA and WebAccess agents • Secure Internet Email with S/MIME 2 © Novell, Inc. All rights reserved.
  3. 3. LDAP Authentication
  4. 4. Why Use LDAP Authentication? • Uses user's directory password – Minimizes password management requirements – Supports password policies (Bind Mode) – Less passwords for the user to remember • Can authenticate to other LDAP directories • Requires that users connect to the directory – Note: Directory accounts without a password will not require a password, even with a High Security Post Office 4 © Novell, Inc. All rights reserved.
  5. 5. LDAP Authentication Planning • LDAP Server information – Use SSL or not? > SSL key file – IP Address or name of LDAP server – LDAP port for LDAP server – User authentication method > Bind > Compare 5 © Novell, Inc. All rights reserved.
  6. 6. LDAP Authentication Planning Part 2 • Use proxy user? – Access the directory with limited rights – Need distinguished name (DN) – Need password • Allow users to change password? – Novell GroupWise Client Change Password dialog ® ® 6 © Novell, Inc. All rights reserved.
  7. 7. Export LDAP Certificate Which One? 7 © Novell, Inc. All rights reserved.
  8. 8. Export LDAP Certificate Certificate Properties 8 © Novell, Inc. All rights reserved.
  9. 9. Export LDAP Certificate Export Wizard – No Private Key 9 © Novell, Inc. All rights reserved.
  10. 10. Export LDAP Certificate Export Wizard – Output Format and Filename 10 © Novell, Inc. All rights reserved.
  11. 11. LDAP Server Configuration Novell GroupWise System Tools ® ® 11 © Novell, Inc. All rights reserved.
  12. 12. LDAP Server Configuration LDAP Server List 12 © Novell, Inc. All rights reserved.
  13. 13. LDAP Server Configuration LDAP Server Options 13 © Novell, Inc. All rights reserved.
  14. 14. Post Office Configuration Security Settings 14 © Novell, Inc. All rights reserved.
  15. 15. Post Office Configuration LDAP Server Selection 15 © Novell, Inc. All rights reserved.
  16. 16. LDAP Authentication Demonstration
  17. 17. Securing Novell GroupWise with SSL ® ®
  18. 18. Novell GroupWise Security and SSL ® ® • Enhances native messaging encryption • Ensures secure communication between the Post Office Agent and clients • Ensures secure communication between the Novell GroupWise agents • Secures Web Console and WebAccess 18 © Novell, Inc. All rights reserved.
  19. 19. Where Do I Start? 1. Get a certificate! – Generate a Certificate Signing Request (CSR) > Each separate server should have its own > Agents running on the same server can share 19 © Novell, Inc. All rights reserved.
  20. 20. Generate Certificate Signing Request Novell GroupWise Generate CSR Utility (GWCSRGEN) ® ® 20 © Novell, Inc. All rights reserved.
  21. 21. Request the Certificate • Submit the certificate signing request to a certificate authority – Trusted Certificate Authorities – Online submission mechanisms – Create your own 21 © Novell, Inc. All rights reserved.
  22. 22. Create a Certificate • Novell Certificate Server and Novell eDirectory ™ ® ™ – ConsoleOne ® > Requires the Novell Certificate Server snap-in – iManager > Requires the Novell Certificate Server plug-in module • YaST on Linux – Novell Open Enterprise Server – SUSE Linux Enterprise Server ® 22 © Novell, Inc. All rights reserved.
  23. 23. Create a Certificate using Novell Certificate Server ™ • Enter certificate signing request • Select key type and usage • Select validity period • Select output format and filename 23 © Novell, Inc. All rights reserved.
  24. 24. Issuing a Certificate with ConsoleOne ® Issue Certificate Wizard 24 © Novell, Inc. All rights reserved.
  25. 25. Issuing a Certificate with ConsoleOne ® Enter certificate signing request 25 © Novell, Inc. All rights reserved.
  26. 26. Issuing a Certificate with ConsoleOne ® Select key type and usage 26 © Novell, Inc. All rights reserved.
  27. 27. Issuing a Certificate with ConsoleOne ® Select validity period 27 © Novell, Inc. All rights reserved.
  28. 28. Issuing a Certificate with ConsoleOne ® Select output format and filename 28 © Novell, Inc. All rights reserved.
  29. 29. Issuing a Certificate with YaST Enter Certificate Authority 29 © Novell, Inc. All rights reserved.
  30. 30. Issuing a Certificate with YaST Select Export to File 30 © Novell, Inc. All rights reserved.
  31. 31. Issuing a Certificate with YaST Select output format and filename 31 © Novell, Inc. All rights reserved.
  32. 32. Issuing a Certificate with YaST Save certificate 32 © Novell, Inc. All rights reserved.
  33. 33. Issuing a Certificate with YaST Save key 33 © Novell, Inc. All rights reserved.
  34. 34. Certificate Generation Demonstration
  35. 35. Install the Certificate 2. Install the certificate! – Use ConsoleOne to designate the certificate ® and key paths – Enter the password of the key file 35 © Novell, Inc. All rights reserved.
  36. 36. Configure Access Network Access Tab 3. Enable SSL and configure access – Disabled, Enabled, and Required – Internal versus External 36 © Novell, Inc. All rights reserved.
  37. 37. Equivalent Command Line Options 37 © Novell, Inc. All rights reserved.
  38. 38. GWPOA Certificate Installation Demonstration
  39. 39. Securing Novell GroupWise Internet Agent ® ®
  40. 40. Securing the Novell GroupWise ® ® Internet Agent with SSL • Secure Connections to other SMTP hosts • Secure Connections for POP/IMAP clients • Secure Connections to WebConsole – SSL Enabled or Required for the above? 40 © Novell, Inc. All rights reserved.
  41. 41. Securing the GWIA with SSL Install the Certificate 41 © Novell, Inc. All rights reserved.
  42. 42. Securing the GWIA with SSL Enabling SSL 42 © Novell, Inc. All rights reserved.
  43. 43. Securing Novell GroupWise ® ® Internet Agent Demonstration
  44. 44. Securing Novell GroupWise WebAccess ® ®
  45. 45. Securing WebAccess with SSL • Securing WebAccess Agent - WebConsole • Securing WebAccess Application (Apache/IIS) 45 © Novell, Inc. All rights reserved.
  46. 46. Securing WebAccess Agent Install Certificate 46 © Novell, Inc. All rights reserved.
  47. 47. Securing WebAccess Agent Enabling SSL 47 © Novell, Inc. All rights reserved.
  48. 48. Securing WebAccess Agent Demonstration
  49. 49. Securing WebAccess Application Linux - Apache • Modify /etc/sysconfig/apache – APACHE_SERVER_FLAGS=” SSL” • Modify /etc/apache2/vhosts.d/vhost-ssl.conf 49 © Novell, Inc. All rights reserved.
  50. 50. Securing WebAccess Application Linux - Apache • Restart apache2 by typing “rcapache2 restart” • If the Private Key has a password restarting apache will ask for the password during the restart. Follow the step listed below to remove the password from the Key file – openssl rsa -in gw.key -out gwu.key – Also protect gwu.key by making sure only root can read gwu.key by typing “chmod 700 gwu.key” • Modify the /etc/apache2/vhosts.d/vhost-ssl.conf with the unencrypted key file 50 © Novell, Inc. All rights reserved.
  51. 51. Securing Apache on Linux Demonstration
  52. 52. Securing WebAccess Application NetWare - Apache ® • Apache on NetWare by default enables SSL but uses the internal Certificates • Follow TID 3033173 to import Certificate from a Public CA to Novell eDirectory ® ™ • Modify SYS:APACHE2CONFHTTPD.CONF file – SecureListen 443 “SSL CertificateDNS” • Restart apache by typing ap2webdn and ap2webup 52 © Novell, Inc. All rights reserved.
  53. 53. Securing WebAccess Application Windows 2008 - IIS 53 © Novell, Inc. All rights reserved.
  54. 54. Securing WebAccess Application Windows 2008 - IIS 54 © Novell, Inc. All rights reserved.
  55. 55. Securing WebAccess Application Windows 2008 - IIS 55 © Novell, Inc. All rights reserved.
  56. 56. Securing WebAccess Application Windows 2008 - IIS 56 © Novell, Inc. All rights reserved.
  57. 57. Securing WebAccess Application Windows 2008 - IIS 57 © Novell, Inc. All rights reserved.
  58. 58. Securing WebAccess Application Windows 2008 - IIS Sign the CSR using ConsoleOne and issue the ® certificate in a der format OR Send the CSR to the Public CA and get the Certificate 58 © Novell, Inc. All rights reserved.
  59. 59. Securing WebAccess Application Windows 2008 - IIS 59 © Novell, Inc. All rights reserved.
  60. 60. Securing WebAccess Application Windows 2008 - IIS 60 © Novell, Inc. All rights reserved.
  61. 61. Securing WebAccess Application Enabling SSL 61 © Novell, Inc. All rights reserved.
  62. 62. Securing WebAccess Application Enabling SSL 62 © Novell, Inc. All rights reserved.
  63. 63. Securing WebAccess Application Enabling SSL 63 © Novell, Inc. All rights reserved.
  64. 64. Securing WebAccess Application Enabling SSL 64 © Novell, Inc. All rights reserved.
  65. 65. Securing IIS on Windows Demonstration
  66. 66. Secure Internet Email with S/MIME
  67. 67. Secure Internet Email with S/MIME • What is S/MIME – Digital Signature – Encryption (Symmetric vs Asymmetric) • Advantages and Disadvantages • Creating and Importing User Certificates (Public Key and Private Key) • Exchanging Public Keys/Certificates • Encrypting/Decrypting Mails 67 © Novell, Inc. All rights reserved.
  68. 68. What is S/MIME? • S/MIME is an acronym for Secure/Multipurpose Internet Mail Extensions • It is a standard for Public Key Encryption and signing of MIME Data. In simple terms, it is used for Digitally signing a message and/or Encrypting a message – Digital Signature – Encryption 68 © Novell, Inc. All rights reserved.
  69. 69. Digital Signature • Signature – A signature in simple terms is a handwritten depiction of someone's name or a nickname that a person writes on documents as a proof of identity and intent • Digital Signature is an electronic signature used to authenticate the identity of the sender of a message and possibly to ensure that the original content of the message or document that has been sent is unchanged. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. 69 © Novell, Inc. All rights reserved.
  70. 70. Encryption • Encryption – A process of transforming information using an information to make it unreadable to anyone except those possessing special knowledge • Two types of Encryption – Symmetric vs Asymmetric? 70 © Novell, Inc. All rights reserved.
  71. 71. Symmetric vs Asymmetric • Symmetric – Same key is used for Encryption and Decryption • Asymmetric – Separate keys are used for Encryption and Decryption 71 © Novell, Inc. All rights reserved.
  72. 72. Advantages/Disadvantages • Advantages – Authenticity and Protection of the Message • Disadvantages – Not all email software handles S/MIME signatures – S/MIME Encryption is currently not available for the Novell ® GroupWise Linux, Mac, or WebAccess clients ® 72 © Novell, Inc. All rights reserved.
  73. 73. Creating and Importing User Certificates (Public Key and Private Key) • Administrator – Creates the Public Key and Private Key • Users – Export the Private Key and the Public Key • Users – Import the Public Key and Private Key into the Client 73 © Novell, Inc. All rights reserved.
  74. 74. Creating User Certificates Login to iManager as admin 74 © Novell, Inc. All rights reserved.
  75. 75. Creating User Certificates Create Certificate for users 75 © Novell, Inc. All rights reserved.
  76. 76. Creating User Certificates Create Certificate for users 76 © Novell, Inc. All rights reserved.
  77. 77. Creating User Certificates Create Certificate for users 77 © Novell, Inc. All rights reserved.
  78. 78. Creating User Certificates Create Certificate for users 78 © Novell, Inc. All rights reserved.
  79. 79. Creating User Certificates Create Certificate for users 79 © Novell, Inc. All rights reserved.
  80. 80. Creating User Certificates Create Certificate for users 80 © Novell, Inc. All rights reserved.
  81. 81. Importing User Certificates Administrator sets the URL 81 © Novell, Inc. All rights reserved.
  82. 82. Importing User Certificates Administrator sets the URL 82 © Novell, Inc. All rights reserved.
  83. 83. Importing User Certificates Administrator sets the URL 83 © Novell, Inc. All rights reserved.
  84. 84. Importing User Certificates User Imports the Certificate 84 © Novell, Inc. All rights reserved.
  85. 85. Importing User Certificates User Imports the Certificate 85 © Novell, Inc. All rights reserved.
  86. 86. Importing User Certificates User Imports the Certificate 86 © Novell, Inc. All rights reserved.
  87. 87. Importing User Certificates User Imports the Certificate 87 © Novell, Inc. All rights reserved.
  88. 88. Importing User Certificates User Imports the Certificate 88 © Novell, Inc. All rights reserved.
  89. 89. Importing User Certificates User Imports the Certificate 89 © Novell, Inc. All rights reserved.
  90. 90. Importing User Certificates User Imports the Certificate 90 © Novell, Inc. All rights reserved.
  91. 91. Importing User Certificates User Imports the Certificate 91 © Novell, Inc. All rights reserved.
  92. 92. Importing User Certificates User Imports the Certificate 92 © Novell, Inc. All rights reserved.
  93. 93. Importing User Certificates User Imports the Certificate 93 © Novell, Inc. All rights reserved.
  94. 94. Importing User Certificates User Imports the Certificate 94 © Novell, Inc. All rights reserved.
  95. 95. Importing User Certificates User Imports the Certificate 95 © Novell, Inc. All rights reserved.
  96. 96. Importing User Certificates User Imports the Certificate 96 © Novell, Inc. All rights reserved.
  97. 97. Importing User Certificates User Imports the Certificate 97 © Novell, Inc. All rights reserved.
  98. 98. Importing User Certificates User Imports the Certificate 98 © Novell, Inc. All rights reserved.
  99. 99. Exchanging Public Keys/Certificates • Sender – Sends a digitally signed message • Receiver – Receiver receives the digitally signed message along with the Certificate 99 © Novell, Inc. All rights reserved.
  100. 100. Exchanging Public Key Sender sends Digitally Signed Message 100 © Novell, Inc. All rights reserved.
  101. 101. Exchanging Public Keys Receiver receives Digitally Signed Message along with the sender's Certificate 101 © Novell, Inc. All rights reserved.
  102. 102. Encrypting/Decrypting Mails • Sender (Original Receiver) – Encrypts an email using the Receivers Certificate • Receiver (Original Sender) – Decrypts it using his/her Private Key 102 © Novell, Inc. All rights reserved.
  103. 103. Exchanging Public Keys Send Encrypted Message 103 © Novell, Inc. All rights reserved.
  104. 104. Exchanging Public Keys Receive Encrypted Message 104 © Novell, Inc. All rights reserved.
  105. 105. Overview • User1 sends a digitally signed message to User2 • User2 receives the digitally signed message along with the certificate • Now User2 can send an encrypted message to User1 • User1 decrypts the message with the Private Key 105 © Novell, Inc. All rights reserved.
  106. 106. S/MIME Demonstration
  107. 107. Questions?
  108. 108. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×