Re: self-signing certificate

On Mon, 26 Jun 2006 05:02:31 -0700, "'69 Camaro"
<ForwardZERO_SPAM.To.69Camaro@xxxxxxxxxxxxxxxxxxxxxx> wrote:

Hi, Josh.

which I should have
Jet4sp8, as I just went to office update.

No. Office Update won't update Access 2003 with Jet 4.0 SP-8, because
Access 2003 already contains Jet 4.0 SP-8. Re-read that warning message in
the context of Access 2002 users, who didn't have Jet 4.0 SP-8 by default.
Microsoft didn't bother updating the message for Access 2003, so you and the
other millions of Access 2003 users were confused the first time we saw that
message, too.

Is that why I still had to set security level to Low, because the
certificate,
while there, isn't trusted?

A Self-Cert digital certificate isn't trusted when the Macro Security level
is set to High level. It's only trusted when used for Medium level.


But, it was set for Medium during the time I was experimenting with certificate,
so that should have satisfied access and not given me a warning, is that
correct? And, if correct, why the warning?



btw, sandbox mode is set to 2 in registry, not sure whether to set it to 1
or 2
or does it make a difference if security is set to Low?

It makes a difference, because it's a separate issue that has been enabled
with Jet 4.0 SP-8. (Remember that warning message? That's what it's for.)
If you leave the Sandbox mode setting at 2 (the default), then Sandbox mode
is used for non-Access applications, but not for Access. If you set it at
1, then Sandbox mode will only be used for Access applications, not other
applications.


I don't understand the default of 2, sandbox mode for non-access applications,
but not for Access. Wouldn't the default of 1 be better (from a 'Default' point
of view), to make Access more secure and leave non-Access applications alone?
Or, am I totally screwed up (which is the most likely case)

Thanks



Seems to me that this is an example of "make it too difficult and people
will
just bypass security"

Yup. Those with common sense will avoid spitting into the wind.

HTH.
Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips and tutorials.
http://www.Access.QBuilt.com/html/expert_contributors2.html for contact
info.


"Josh" <traygo@xxxxxxxxxxx> wrote in message
news:1qut92tp3p33d0ojgf49buh33j5o1svja2@xxxxxxxxxx
just upgraded to access2003, and got the Jet4sp8 warning, which I should
have
Jet4sp8, as I just went to office update.

Searched google, and saw that I can either set security to low, or do a
self-signing certificate if used with this computer. So, did the
self-signing
certificate, added it to macro/Security/trusted publishers. I thought that
would
take care of it, but, now, still get the warning. I had to actually set
security
to low to avoid the warning. Went back to macro/Security/trusted
publishers and
viewed my certificate. Looked ok until I looked at the "certification
Path" tab,
and saw that my certificate had a red X on it, with this comment: This CA
Root
certificate is not trusted because it is not in the Trusted Root
Certification
Authorities store.

Is that why I still had to set security level to Low, because the
certificate,
while there, isn't trusted?

btw, sandbox mode is set to 2 in registry, not sure whether to set it to 1
or 2
or does it make a difference if security is set to Low?

Seems to me that this is an example of "make it too difficult and people
will
just bypass security", like "make password requirements too complex,
therefore
people write them down and leave the note by the keyboard" kinda thing.

Thanks, Josh


.

Relevant Pages

  • [NT] Flaw in Outlook 2002s Way of Handling V1 Exchange Server Security Certificates Leads To Informa
    ... Beyond Security would like to welcome Tiscali World Online ... Encryption is used to prevent parties other ... Outlook uses public key certificates to facilitate the exchange of the ... there are other certificate options including V1 Exchange Server Security ...
    (Securiteam)
  • Re: Embedding Simple MFC GUI app into website
    ... particular technology is "evil" goes beyond common sense and increases ... his denouncement of ActiveX and Java (and Flash, ... ActiveX, in particular, is an antipattern for security. ... Since you must obtain a certificate for code signing from the trusted ...
    (microsoft.public.vc.mfc)
  • Re: Auto Enrollment not working for one DC
    ... Windows Server 2003 SP1 introduces enhanced default security settings for the DCOM protocol. ... Windows Server 2003 Certificate Services provides enrollment and administration services by using the DCOM protocol. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Auto Enrollment not working for one DC
    ... I was already aware of the post SP1 problem with the CERTSVC_DCOM_ACCESS ... Certificate Services: Effects of security enhancements to the DCOM protocol ...
    (microsoft.public.windows.server.active_directory)
  • Re: self-signing certificate
    ... saw that my self-signed certificate was under the ... Now warnings at all when opening with medium security set. ... And, if correct, why the warning? ...
    (microsoft.public.access.security)