|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re[2]: Relative Security Provided by Cached Domain Credentials?
From: Vyacheslav Ponomarenko (VPonomarenko
taos.com)
Date: Tue May 25 2004 - 22:13:54 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Kim,
When you use EFS on a file server it encrypts/decrypts data on user's
behalf via delegation. Thus it can only access keys stored in user's
profile.
Vyacheslav
Tuesday, May 25, 2004, 6:56:01 AM, you wrote:
KO> I have seen mentioned the use of smartcards for efs certificates in this
KO> thread a couple of times.
KO> Although it would be nice in theory it was my understanding that this cannot
KO> be used at present because not thought about in the efs API, so during
KO> decreption or encryption for that matter only the personal certificate store
KO> is checked for a key, not any smartcard related stuff.
KO> At least that is what I understood about efs and smartcards.
KO> Has any of you actually tested the smartcard solution, or it this how you
KO> would theoratically handle it?
KO> Kim Oppalfens
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]