Finger Print Premium Lock

Specification: =95Memory Capacity: maximum 120 fingerprints divided into four groups =95One can erase individual fingerprint or group of fingerprints =95Fingerprint an be enrolled and erased on the lock directly. No PC Connection is required =95Rotating handle upward can lock deadbolt =95Blue background light, convenient for night use =95Unique passage mode for meeting or gathering =95Operated by AA alkaline batteries with low voltage alert =95External stand-by socket for 9V battery for emergency =95Antistrike function: When the door is closed, the antistrike latch is pressed agains

"The New Encryption Generation: Closing the Gap"

This white paper examines the limitations of first-generation encryption processes that often deliver less-than-promised performance, spur user resistance, conflict with operational infrastructure and process requirements, and can even leave data stored in unencrypted locations where it is easily visible to unauthorized users. This white paper covers: * Data in the Line of Fire * Changing Needs of Security Management * Data on the Move * Endpoint Data Protection Prepared by IDG; Sponsored by CREDANT Technologies. <a href="http://ebooksick.tradepub.com/free/w_cr

Rado Cerix Large Diamond Accented Ladies Watch R25474722, Best Luxury Watch - www.luxury-gift.org

Rado Cerix Large Diamond Accented Ladies Watch R25474722, Best Luxury Watch - www.luxury-gift.org Luxury Gift : http://www.luxury-gift.org Rado Watches : http://www.luxury-gift.org//rado-watches.html Rado Cerix Large Diamond Accented Ladies Watch R25474722 Link : http://www.luxury-gift.org/Watches/rado-watch-2296.html Rado Cerix Large Diamond Accented Ladies Watch R25474722 Information : Brand : Rado Watches Series : Rado Cerix Code : rado-cerix-diamond-accented-R25474722 Gender : Ladies Case Material : Ceramic Dial Color :

Omega Aqua Terra 35mm Quartz 2518.80, Best Luxury Watch - www.luxury-gift.org

Omega Aqua Terra 35mm Quartz 2518.80, Best Luxury Watch - www.luxury-gift.org Luxury Gift : http://www.luxury-gift.org Omgea Watches : http://www.luxury-gift.org//omgea-watches.html Omega Aqua Terra 35mm Quartz 2518.80 Link : http://www.luxury-gift.org/Watches/omega-watch-1585.html Omega Aqua Terra 35mm Quartz 2518.80 Information : Brand : Omgea Watches Series : Aqua Terra Mid-Size Quartz Code : 2518.80 Gender : Mens - Midsize Case Material : Stainless Steel Dial Color : Blue Bracelet Strap : Stainless Steel Movement

The status of pkcs11 module always be "Disabled"

This is a multi-part message in MIME format. ------=_NextPart_000_002C_01C8CF17.388CAD00 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Hi all, I'm developing custom pkcs#11 module, when I test it in mozilla firefox = 2.0,=20 the status of the module always be "Disabled", any suggestions ? The module loaded successfully, slot info displayed ok, but the token = info=20 not displayed, the token is soft token, slot is CKF_TOKEN_PRESENT. If you want detailed information or any suggestion, please tell me, = thank=20 you very much. Robi

__CERT_DecodeDERCertificate

Hi, Using NSS libraries we've written a program to verify signature and when run in parallel mode (spawning multiple threads) a JVM crash is observed at the call of __CERT_DecodeDERCertificate method. Strangely, this is observed in HP-UX machine only and the same code is working well in Linux 2.6. Has anyone come across such kind of a problem earlier? What could be causing this? Any kind of inputs are most welcome. Regards Mohan

C_WrapKey

Ok here is my problem I have a wrap key in an HSM under a label"MYLABEL" . I am trying to use C_WrapKey to get privatekeys werapped under this wrapkey. based on the documenattion i m supposed to do C_Initialise // Ok C_OpenSession // OK C_Login //OK But when it comes to calling the C_WrapKey it returns back an error code 0x60 CKR_KEY_HANDLE_INVALID meaning obviosuly teh handle is not set. How Do i get this handle as it seems a not initialised valued is being passed on.. I tried to read about C_FindObjectsInit & C_FindObjects but they dont seem to be wiling to offer me a h

Seeking help with server authentication

Hi!!! I've been trying to test the SSL client-server executables given in the bin folder of the NSS package binary: I'm using selfserv.exe & strsclnt.exe. The server side is getting initialized alright. But I have problems with server authentication: I tried many hit-&- trial approaches to obtain a successful connection but for one reason or the other, the client is not recognising the issuer CA(self-signed and added to the client DB with certutil -t "CTU, CTU, CTU") as trusted. I created three DB directories: one for each, the client, the server & the CA. The DBs, keys, and t

HP Desktop for sale!

Hi, I have an unused HP Pavilion with the fallowing specs: # Processor: AMD Athlon 64 X2 4000+ (2.1GHz, 2000MT/s System Bus) # Memory: 2048MB PC2-5300 DDR2 SDRAM memory (2x1GB) (expandable to 8 GB (4 x 2 GB) (64-bit OS)/ 4 GB (4 x 1 GB) (32-bit OS)) # Hard Drive:320GB 7200RPM SATA 3G (3.0 Gb/sec) hard drive # Optical Drive: 16X DVD(+/-)R/RW 12X RAM (+/-)R DL LightScribe SATA drive # Expandable Drive Bay: HP Pocket Media Drive bay # Video Graphics: Integrated graphics # Network Interface: Integrated 10/100BaseT network interface # Sound: High Definition 8-channel audio # Fax/Modem:

Hot personal ads women dating , personal ads women looking , personal ads women

http://www.all-women-dates.com/index127.html http://www.all-women-dates.com/index128.html http://www.all-women-dates.com/index129.html http://www.all-women-dates.com/index130.html http://www.all-women-dates.com/index131.html http://www.all-women-dates.com/index132.html http://www.all-women-dates.com/index133.html http://www.all-women-dates.com/index134.html http://www.all-women-dates.com/index135.html http://www.all-women-dates.com/index136.html http://www.all-women-dates.com/index137.html http://www.all-women-dates.com/index138.html http://www.all-women-dates.com/index139.html ht

Generating cross certificates?

At my work, I've been attempting to build (what I believe is called) a "cross-signed certificate" for a set of files distributed within the same type of "jar" file used to distribute executable Java classes over the network. Ring any bells with anyone? Right now, software enhancements/updates are delivered in jar files because the jar signing mechanism should protect the appliance from invalid updates. We've been using certification authority "A" so far, and we recently gave another group a certificate "X" that had "A" in its trust chain. So jars signed with "X"'s are allowed by t

I can't decrypt mail message using mozilla thunderbird 1.5.0.10 on linux

I can sign and crypt the mail messages, but i can't decrypt them. I am using the smart card, if i do the same procedure with mozilla on windows pc, all works. but on linux the decrypt is not possible. If i try to read the crypted messages i obtain the following error message: "Mail/News cannot decrypt this message: The sender encrypted this message to you using one of your digital certificates, however Mail/News was not able to find this certificate and corresponding private key." someone can help me? thanks

Call For Papers: SECURECOMM 2007

CALL FOR PAPERS SECURECOMM 2007 Third International Conference on Security and Privacy for Communication Networks Nice, France, Sept. 17 - Sept. 21, 2007 URL: http://www.securecomm.org Co-Sponsored By: IEEE Communications Society (www.comsoc.org) CreateNet(www.create-net.it) PAPER SUBMISSION DEADLINE March 7, 2007 ******************************************************************* Securecomm seeks high-quality research contributions in the form of well-developed full papers. Topics of interest encompass research advances in ALL areas of secure communications and net

EuroPKI'07 (+ Journal Special Issue)

** Apologies for multiple copies ** F i n a l C a l l F o r P a p e r s Fourth European PKI Workshop: Theory and Practice (EuroPKI'07) 28-30 June 2007 Palma de Mallorca, Balearic Islands, Spain http://dmi.uib.es/europki07 The 4th European PKI Workshop: Theory and Practice is focusing on all research aspects of Public Key Applications, Services and Infrastructures. Submitted papers may present theory, applications or practical experiences on topics including, but not limited to: - Architecture and Modeling - Authentication - Authorization and Delegation -

EuroPKI07 Call for Papers

F i r s t C a l l F o r P a p e r s EUROPKI'07 Fourth European PKI Workshop: Theory and Practice 28-30 June 2007 Mallorca, Spain http://dmi.uib.es/europki07 The 4th European PKI Workshop: Theory and Practice is focusing on all research aspects of Public Key Applications, Services and Infrastructures.Submitted papers may present theory, applications or practical experiences on topics including, but not limited to: - Architecture and Modeling - Authentication - Authorization and Delegation - Bridge CA - Case Studies - Certificates Status - Certification Po

Certificate import fails with "already exists on the security device"

Hi, I have tried a number of things to make Thunderbird import a certificate and key, with no success. Originally it was in PKCS12 format, issued by my organization as my personal certificate. Whenever I try to import it, I get the error message "The certificate and private key already exist on the security device" (which was definitely not true - it even failed with an empty certificate db). The certificate was made for signing and came together with another certificate (made for encryption) with which I had no problems. In the same package, I also got two CA certs in pkc

Netscape PKCS#11 test suite

Hi all, I am searching for the Netscape Pkcs#11 test suite windows executables. If any of you point me the link from where i can download this executables it will be very helpful. Regards, Kamal.

problem with multiple certificates from 1 card PKCS11

I am seeing some behavior from Thunderbird that I cannot explain. I have a PIV card with 3 certs on it -- all of which are suppose to be meant for different things. Thunderbird correctly sees the one applicable for digital signature, and correctly sees the one for encryption. 2 things: Whenever I select a cert it asks me if I want to use it for the complementary job as well. That's OK if the cert can do both, but in this case, these certs have exclusively different uses and I should never be prompted (The key usage is set accordingly). I guess that's just a usability issue.

SSL connection fails on the server with SSL_ERROR_HANDSHAKE_FAILURE_ALERT

Hi all, I would like to ask for advise. We are building a firefox extension and we are using our own implementation of SSL server and client implemented closely to the ssl sample (security\nss\cmd\SSLsample). We are not using PSM socket provider implementation. All certificates (CAs and client/server) are RSA/SHA1 signed. We are using a root CA + several intermediate CAs to sign user's certificates. The user's certificates are used for SSL server and SSL client authentication too. All CAs are added to the software token and marked as trasted CA. The user certificate is also add

need help w tbird and pkcs11

Ok, I have spent over a week tweaking and toying with things and, although I believe I am dead on, for some reason, thunderbird will not accept the certificate on my card as valid. I have included the open-sc spy logs inline-- The last success I have show's NSS looking fro CKO_PRIVATE_KEY, which tell it I have 1, and then it never checks the follow on attributes for it! It almost appears as if it begins to loop on getInfoXXX Can someone please tell me WHAT I am missing? Compared to the logs I have for another working card everything looks to be in order As an aside, I wil

Looping C_OpenSession problem in tbird pkcs11

I am currently developing a PKCS11 module for a new card and I am seeing some strange behavior: For some reason, thunderbird continually repeats the same 7 functions over and over eventhough it "installs" the module successfully. Most of them are just "getInfo" functions but it also continues to call C_OpenSession which is a problem since that calls attempts to access the card. I have returned CKR_SESSION_COUNT and it still loops. So, my guess is that it is due to something else I have done I just don't know what. Below I have an example output of the calls using pkcs11-spy f

How to map a selected certificate from the certificate manager list to PKCS11

Hi there, I installed my PKCS11 module into the Firefox browser. I can see my certs on my token from the Certificates Manager of the browser. Turn on the option -- "Ask me evey time". Then I started a Client Site SSL connection to my web server. The browser popped up the cert selection list box. I selected one. However, my pkcs11 module cannot get the correct selection. It always picks up the first cert. Can someone tell me how the browser passes the pkcs11 module a selected cert index? Basically I use a selected cert index to locate its private in the key store and then do a

signing javascript

Hello all, I am trying to sign javascript files and running into some issues. Hopefully someone can point me into the right direction. I did obtain a code signing certificate from Certum. They issue the certificate as part of a chain: certum root CA -> certum level I -> mycert. I created a cert db with the certutils prg: 1. certutil.exe -N -d I have three cer files: one for each cert in the chain. Since certum root ca is already contained in the list of root certs, I do not bother to import this one. However, I do import certum level I and mysert: 2. certutil.exe -A -t Cu -n "C

SECURITY/ C++/ CONTRACT/ CA

OMNI GROUP tgugger@sbcglobal.net 419-537-9447 ENCRYPTION�C/C++ -- SSL/TLS -- CONTRACT � ASAP�CA If interested and qualified, email resume to: tgugger@sbcglobal.net. JOB DESCRIPTION Position: - Apps Systems Engineer 6 - Encryption Projects San Francisco- 5 months, renewable possible Possible future opening in Phoenix area Contract Term: 5 months with the p

Build NSS on windows with mingw

It's my understanding that msvc and VC++ are supported for NSS builds. I have even been able to find some msvc binaries of nss floating around. However, I'm stuck on compiling NSS with mingw/gcc. Does anybody have any hints? Thanks, Wesley Leggette

Associate Research Fellow - Cryptography - UoW Australia

associate research fellow - cryptography Faculty of Informatics � Fixed Term (3 years), Full-time position UOWs Centre for Information Security, which is a part of the Faculty of Informatics, is seeking to appoint a suitably qualified individual to work on the ARC Discovery project entitled: �Credential Systems and Their Applications in Securing Electronic Health Records�. To be successful, you will possess a PhD in Cryptography / Mathematics or equivalent area and demonstrate your experience in Cryptography and its applications. Ideally, you will a

certutil - import client certificates?

I'm currently trying to find a way of automatically importing a client certificate into Firefox - such that its 'resting place' is in the 'your certificates' part of the database. I want to create a different certificate for a number of clients on a web server, and use a local script on the client to grab this certificate and add it to the browser automatically. I can't seem to find any options on certutil that allow me to do insertion of client certificates. Is this something that is possible in any way? Matthew

LEARN

LINKS OF SITES TO STUDY CRYPTOGRAPHY http://www.freewebtown.com/hax4u/cryptography.html

JSS interop with crypto.generateCRMFrequest

I've generated a CRMF request from Firefox with the simplest possible javascript snippet: function showcrmf() { document.write(crmf.request); } crmf = crypto.generateCRMFRequest("cn=frog,ou=frog", "regtoken", "authenticator", null, "showcrmf();", 1024, null, "dsa-nonrepudiation"); I'm trying to load the resultant base64 into JSS using equally simple code: CertReqMsg.Template t = new CertReqMsg.Template(); ASN1Value a = t.decode(new BufferedInputStream(new Base64InputStream(new FileInputStream("/home/dichro/crmf")))); System.err.println(a); Which bombs with: Exception

sign/crypt forms

Hi all, I'm needing a way to sign/crypt webmail forms using pki functions, so, standalone mail clients (thunderbird) can to check sign and decrypt the messages. I have based in secclab (http://secclab.mozdev.org/index.html) but without success. Anyone have any orientation about how to make this? Thank you a million. Best Regards, Fernando Ribeiro

How to build the NSS cmds on Mac OS X?

Hi all, Can someone tell me how I can build NSS lib and its utility cmds on Mac OS X? I have downloaded the Mozilla source code and successfully built it on OS X, but checked with the output obj dir, I didn't find the Security/nss was created and built. How I can include the NSS into my build? Thanks, Ben

Are You Living Life The Way You Choose???

I spend as much time as I want with my family. We go on vacation whenever we choose and we even make money while we're tanning on the beach. We have NO bosses to answer to, NO long commutes in the morning, and we decide when it's time to wake up! The Internet makes this possible for anyone, and you can make money 24 hours a day 7 days a week... even while you are sleeping! I do this everyday along with hundreds of thousands of others. In the next 15 minutes you can have your very own Affiliate Cash Vault system which will virtually run itself. You just wait for the checks to come home and c

VeriSign digital certificates with Firefox

Hello all! At the school where I work, our student information system has a digital certificate installed from VeriSign. Because it is a 128bit certificate, there are three parts to it: the middle part is an intermediate portion also from VeriSign that bumps it up from 64bit to 128bit. The Firefox browser in both versions 1.0.7 and 1.5 initially came up with a message box title of "Web Site Certified by an Unknown Authority" and the content of the message box of "Unable to verify the identity of sis.cgu.edu as a trusted site" when we went to the SSL signon page. Firefox sh

n.p.m.crypto is moving

I am forwarding this message to the secnews.netscape.com server, which seems to have stopped updating this newsgroup at the end of 2005. /Nelson - ------------------------------------------------------------------ It should be no secret these days that the Mozilla Foundation and its related projects are no longer a pet project of Netscape, yet the newsgroups we are using for public discussions still bear the Netscape name. We've been planning for years to move from netscape.public.mozilla.* to just mozilla.*, and the time has finally come! In August, we announced a partnership wi

Basic Firefox signing/encryption question

An OASIS TC is currently toying with the idea that Mozilla Firefox can, without adding any native extension code, perform XML Signatures and possibly also XML Encryption, by an invocation from a web page: http://www.oasis-open.org/committees/download.php/16304/agsc-tpki-requirements-00.txt To my knowledge the only thing available in a standard distribution is the "signText()" function. signText only supports the signing of a plain/text string (at least if the user is taken in consideration...). In addition the signature is limited to PKCS #7. Could somebody ON THIS LIST (not o

The Browser Digital Signature Riddle

Although S/MIME has its uses, WebSigning (signing web forms), is already a much more significant tool for many e-governments. This is mostly due to the fact that interactive services are considerably more flexible than static e-mail, but it also depends on the ease of establishing confidentiality (https). However, there is a fly in the soup. There is no standard for WebSigning, making this facility costly to deploy as well as non-interoperable. Recently a number of leading pharmaceutical companies who have formed a strong authentication consortium (SAFE), launched an internally d

JSSE & JSS Provider Conflict

I was wondering if anyone had this problem before. It seems that JSS 3.4 (and new versions) does not support all Cipher algorithms (like RC4) that are needed for SSL connection server-client handshake and key exchange processes. I get a NoClassDefFoundError when trying to connect to a SSL server (when RC4 cipher is used) using the Mozilla JSS provider as the default. Now, when I set the first provider in the java.security file like this: security.provider.1=sun.security.provider.Sun security.provider.2=org.mozilla.jss.JSSProvider .... The handshake completes, but of course th

Multiple certificate databases with NSS?

Apparently there is some work being done to enable use of multiple certificate databases with NSS. Does anyone know what the timetable is for this? Are there any APIs that we can take a look at? Any pre-release version we can try out? Cheers, Matt

Thunderbird says: "Could not verify this certificate for unknown reasons" to the certs I made with CA.pl

I'm trying to be my own, personal CA. The plan is to create my own, self-signed CA cert, import that cert as a trusted authority on Thunderbird, Firefox, whatever.... and then create certs (signed by my new CA cert) for use on the various servers that I and a few other friends use. Using the openssl CA.pl script, I did the following: CA.pl -newca CA.pl -newreq CA.pl -sign At this point, I've got my cacert.pem, newreq.pem, newkey.pem, and newcert.pem. newcert.pem includes both a "-----BEGIN CERTIFICATE----- " section as well as what looks to be the human-readable output

com.netscape.jss.ssl package

We're using Sun's iPlanet as our LDAP server and are trying to implement LDAP via SSL in our Java apps (we're using the Directory SDK 4.1 for Java). I'm using the class netscape.ldap.factory.JSSSocketFactory, which makes reference to another class: com.netscape.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus But I can't find that class anywhere, and when I run the app I get a NoClassDefFoundError. I have found tons of references to a mozilla package with a similar name, but nothing for the package my code is looking for. Is there another jar I need to include or downloa

Own key and certificate token

Hi, I have been developing an extension to the FireFox witch directly uses NSS and creates own PKI. I would like to ask, if there is some way in the NSS to establish my own key and certtificate token. I'd like to run my own token parallel with existing softoken device, manage password and authentication to this slot my own way and store all my certificates and private/public keys into this own slot. Currently I am using token obtained with PK11_GetInternalKeySlot() for key management (generation/search etc.) and CERT_GetDefaultCertDB() for access to the cert database. Waht is glob

Paypal Magic... Make money by 5 bucks, give it a try

PAYPAL MAGIC!!! TURN $5 INTO $15,000 IN ONLY 30 DAYS...HERES HOW! This is a Money Scheme and Not, I repeat... This is Not a Scam!!! You have most likely seen or heard about this project on TV programs such as 20/20 and Oprah, or you may have read about it in the Wall Street Journal. If not, here it is below - revealed to you in step-by-step detail. This program is by no means new. It has been in existence in many forms for at least a decade. But in the early days, it required a lot more time and effort, as well as an investment of a few hundred dollars. Howe

New software security device

Hello. Is there any way to create a new Software security device besides the one that is bundled with Mozilla/Firefox? I know it is possible to add new hardware security devices, and then choose among all of them. And I need to do it in the same profile. I am doing some tests and need to select between security devices (this is the important part for my tests). Thank you in advance. Emilio Perez.

pkcs #11 test suite - win32 executable available?

I want to test out the pkcs #11 test suite but am looking for an executable version for win32. I looked over the archives and was only able to find people with problems in compiling on that platform. If anyone succeeded, could they please reply and maybe supply me with a working copy? Or if there is a howto compile for the win32 platform I would appreciate a pointer. With regards, Mads Rasmussen

What is the maximum supported for the modulus in the current version of NSS ?

Hi Guys, I was wondering what is the maximum modulus size supported for RSA or DSA keys in NSS ? For example, we experienced various errors from Thunderbird client (1.0.6,1.0.7 and various other versions) when trying to connect in TLS to an ESMTP server with CA keys with 2048 bits modulus. The error is the following : "could not establish an encrypted connection because certificate presented by <IP> is invalid or corrupted Error Code -8182". With random keys with a smaller modulus, it seems to be ok. Thanks a lot for any feedback, Kind regards,

creating a module

Hi, what are the (minimum) requirements to be able to load a library as a security module. When importing the module I always get the message "Unable to add the module". Thanks, Daniel

How can I get htpps pages working in my app that uses mozilla?

Hello. I have an application which uses mozilla 1.7.12 for displaying web pages. And it doesn't work with https protocol. PSM is turned on the only thing that happens is gpf First there is a call to PK11_GetInternalSlot(); which calls SECMOD_GetInternalModule and it returns 0; As I understand I need to make proper initialization of NSS using NSS_Initialize and then use SECMOD_AddNewModule to add a new module. Is that right? But I can't find any samples of this in the net. Can anyone provide the sample how to get https(nss) working in a custom application using mozilla? Thanks.

Generation of public key on token

Hi, I have a PKCS11 (v 2.1) library ,.. Using this library via Mozilla I am trying to import a certificate on to the smart card. The process fails because this library does not support generation of RSA public keys on the token.. On looking at the failure point I see that much before the call to slbXsiPkiGenerateKeyPair() there is a check on the PublicKey Template to determine whether it is a Token object or not. If it is, then the check reports an error: "Can't generate RSA public keys on the token!" I am a rookie with PKCS stuff, can someone please explain to me how to go a

adding a function to CK_FUNCTION_LIST

Hi, We have this PKCS#11 (2.1) implementation of the crypto module for smart cards... Besides the 68 functions, can I add another custom function for the application to call? I have been successfully been able to add the function and use the library from our applications, but when I try to load the module using the Mozilla browser, it reports an error saying "Unable to load module"... If I remove the function from the list everything works fine and the module gets loaded by the browser... Is this a wrong way to add a function to the crypto module or do I need to anything else

JSS UnsatisfiedLinkError: already loaded in another classloader

Hi! I'm using JSS with a web signing applet. When refreshing the web page containing the applet or launching it in another window, cryptoManager initialization raises this error: java.lang.UnsatisfiedLinkError: Native Library jss3.dll already loaded in another classloader The only way to go back to a normal behaviour is to restart the browser. All windows should be closed. Is there a way to bypass this error without limiting applet user's actions? thx! PS: This error does not appear when using other applets with JNI modules.