Re: is http mail secure?

From: Bill Brehm ()
Date: 03/03/05 

Date: Thu, 3 Mar 2005 13:52:52 +0800

I've looked at the help and at the websites, but I don't quite get it.

What exactly is a cert? Is it a password or a piece of encyption code or a
license for something? It seems to cost a lot of money. Why do I have to buy
this from some company? Can't I (or Windows) create a cert without going to
a third party company?

When you say only IE users can get there, do you mean it wouldn't work with
other browsers? That would be okay, because all my users use IE.

Thanks.

"Steve Carr" <scarr@bastyr.edu.NOSPAM> wrote in message
news:uFvUU22HFHA.2276@TK2MSFTNGP15.phx.gbl...
> get a cetificate for your server (from Verisign, Thawte etc) and install
> and
> then use https. You can do this by going into IIS and going to the
> Properties of the Virtual Site, selecting the Security tab and clicking on
> Certificates at bottom. Create a request, save it as a txt file and then
> follow directions at the Certificate Authority you pick.
> If you don't, nothing is encrypted (unless you use integrated security,
> then
> your password is encrypted but only IE users can get there) so it is highl
> recommended to get a cert and go to https
>
> "Bill Brehm >" <<don't want any spam> wrote in message
> news:OsmTkAwHFHA.4060@TK2MSFTNGP14.phx.gbl...
>> Exchange 2000 running on Windows 2000.
>>
>> I recently discovered and want to enable HTTP access to the exchange
> server
>> for our people on the road. I can get it to work, but I'm worried about
>> security. I can access by http://myIPaddress/Exchange. There is no little
>> lock at the bottom telling me it's secure. I cannot access with https. Is
>> the data going over the internet encrypted? Is the username and password
>> encrypted?
>>
>> I know I could force them to VPN into our network then HTTP from within.
> But
>> that's a bit complicated for some of our users. Aside from that, how can
>> I
>> make sure it's secure?
>>
>> Thanks,
>>
>> Bill
>>
>>
>
>

Relevant Pages

  • Re: New MS Security Cert
    ... the cert makes perfect sense. ... Security problems involving ... them not knowing how to secure them properly. ...
    (microsoft.public.security)
  • Re: Securing a Java Application
    ... I have a Java application that uses JSP for visualizing data and EJB for queries. ... using Secure Sockets? ... The existing Java Http comms classes can already handle the https protocol for you. ... If your server cert isn't 'official' I think the client code has to override some security provider setting somewhere in order to function... ...
    (comp.lang.java.programmer)
  • Re: Versioning system
    ... > In the context of the O.P.'s notion of security, Bitkeeper would, much ... > secure communications. ... In many cases it is very convenient to just have the SSH ... Also the key management with ssh and https are ...
    (comp.os.linux.development.apps)
  • How to disable this Internet Explorer security alert message??
    ... On our site when a user is redirected from a secure ... page to a non secure page they get a pop-up ... But I still get the security alert message. ...
    (microsoft.public.inetserver.iis.security)
  • RE: [Full-Disclosure] http://www.chase.com/ vulnerability
    ... Security is important to everyone! ... "https" URL, the login component of this page is secure. ... your information is transmitted via a secure ...
    (Full-Disclosure)