[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20080118190741.4701.qmail@securityfocus.com>
Date: 18 Jan 2008 19:07:41 -0000
From: joachim.schneider@...maco.de
To: bugtraq@...urityfocus.com
Subject: Re: Re: Utimaco Safeguard Easy vulnerability
SafeGuard Enterprise is too different from SafeGuard Easy that any observations on SGE could be applied to it.
While SafeGuard Easy was explicitly designed to be as undemanding as possible in terms of infrastructure and had no real central management,
SG Enterprise uses a Client/Server model with central management and database, allowing administrators to centrally
control all policies and key management.
The only things needed to install a client is the client software package, and a digitally signed configuration package that identifies the client's home server and its certificate.
All policies, keys, etc are transported to clients using session-key encrypted network connections. In addition, critical data is digitally signed using company-specific keys.
Powered by blists - more mailing lists