[clue-tech] Mod_nss question
David L. Anselmi
anselmi at anselmi.us
Tue May 25 19:35:39 MDT 2010
Mike Staver wrote:
> No problem - you're pretty close with the single sign on part. Every user
> of the web applications I work on is issued an ID card. Think a DirecTV
> access card almost exactly, but with barcodes on the back, a magnetic
> strip, and the chip on the card contains a personal certificate.
Sounds like DoD (though DoI got that idea 5 years ago--I wonder whether they've delivered yet).
> Well, this just one flaw with this model - and that is the user may have had their certificate
> revoked, yet still manage to keep their card.
When their cert expires and they get a new one, does it automatically work with all their apps or do
they have to do something to tell the apps about their new cert?
Dave
More information about the clue-tech
mailing list