Export the P12 from the browser, and import it into PGP. PGP has the
capability to display attributes of the RSA key pair being used by the
client.
-K
-----Original Message-----
From: Laura A. Robinson [mailto:larobins (at) bellatlantic (dot) net [email concealed]]
Sent: Wednesday, October 22, 2003 10:50 AM
To: Butters, Kevin; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: RSA key pair lifetime expiration
How did you determine that the key pair did not have an expiration?
Laura
> -----Original Message-----
> From: Kevin_Butters (at) NAI (dot) com [email concealed] [mailto:Kevin_Butters (at) NAI (dot) com [email concealed]]
> Sent: Wednesday, October 22, 2003 10:30 AM
> To: larobins (at) bellatlantic (dot) net [email concealed]; focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: RE: RSA key pair lifetime expiration
>
>
> Expiration on the keys.
>
> I completed an x.509 cert request/retrieval from a CA. I then
> exported the x.509 cert including the private key. I imported
> the cert along with its key pair into PGP. Upon inspecting
> the key pair properties, I was able to determine that the
> x.509 cert had an expiration date, as defined by the CA, but
> the key pair generated on the MS client used for the x.509
> cert didn't have an expiration date. I would like to know if
> there is a way to set a key lifetime on the MS client without
> users possessing an RSA key pair without an expiration date.
>
> -K
>
>
> -----Original Message-----
> From: Laura A. Robinson [mailto:larobins (at) bellatlantic (dot) net [email concealed]]
> Sent: Wednesday, October 22, 2003 7:49 AM
> To: Butters, Kevin; focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: RE: RSA key pair lifetime expiration
>
>
> Expiration on the keys, or on the certificate(s)?
>
> Laura
>
> > -----Original Message-----
> > From: Kevin_Butters (at) NAI (dot) com [email concealed] [mailto:Kevin_Butters (at) NAI (dot) com [email concealed]]
> > Sent: Tuesday, October 21, 2003 6:24 PM
> > To: focus-ms (at) securityfocus (dot) com [email concealed]
> > Subject: RSA key pair lifetime expiration
> >
> >
> > This may have been discussed before I am not sure. I
> noticed that the
> > RSA keypairs generated by MS clients before making a x.509 cert
> > request do not have an expiration date on them. Is there a way to
> > specify key pair lifetimes on MS clients?
> >
> > K
> >
> >
> >
> > --------------------------------------------------------------
> > -------------
> > FREE Whitepaper: Better Management for Network Security
> >
> > Looking for a better way to manage your IP security?
> > Learn how Solsoft can help you:
> > - Ensure robust IP security through policy-based management
> > - Make firewall, VPN, and NAT rules interoperable across
> heterogeneous
> > networks
> > - Quickly respond to network events from a central console
> >
> > Download our FREE whitepaper at:
> > http://www.securityfocus.com/sponsor/Solsoft_f> ocus-ms_031015
> >
> >
> > --------------------------------------------------------------
> > -------------
> >
>
>
------------------------------------------------------------------------
---
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
capability to display attributes of the RSA key pair being used by the
client.
-K
-----Original Message-----
From: Laura A. Robinson [mailto:larobins (at) bellatlantic (dot) net [email concealed]]
Sent: Wednesday, October 22, 2003 10:50 AM
To: Butters, Kevin; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: RSA key pair lifetime expiration
How did you determine that the key pair did not have an expiration?
Laura
> -----Original Message-----
> From: Kevin_Butters (at) NAI (dot) com [email concealed] [mailto:Kevin_Butters (at) NAI (dot) com [email concealed]]
> Sent: Wednesday, October 22, 2003 10:30 AM
> To: larobins (at) bellatlantic (dot) net [email concealed]; focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: RE: RSA key pair lifetime expiration
>
>
> Expiration on the keys.
>
> I completed an x.509 cert request/retrieval from a CA. I then
> exported the x.509 cert including the private key. I imported
> the cert along with its key pair into PGP. Upon inspecting
> the key pair properties, I was able to determine that the
> x.509 cert had an expiration date, as defined by the CA, but
> the key pair generated on the MS client used for the x.509
> cert didn't have an expiration date. I would like to know if
> there is a way to set a key lifetime on the MS client without
> users possessing an RSA key pair without an expiration date.
>
> -K
>
>
> -----Original Message-----
> From: Laura A. Robinson [mailto:larobins (at) bellatlantic (dot) net [email concealed]]
> Sent: Wednesday, October 22, 2003 7:49 AM
> To: Butters, Kevin; focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: RE: RSA key pair lifetime expiration
>
>
> Expiration on the keys, or on the certificate(s)?
>
> Laura
>
> > -----Original Message-----
> > From: Kevin_Butters (at) NAI (dot) com [email concealed] [mailto:Kevin_Butters (at) NAI (dot) com [email concealed]]
> > Sent: Tuesday, October 21, 2003 6:24 PM
> > To: focus-ms (at) securityfocus (dot) com [email concealed]
> > Subject: RSA key pair lifetime expiration
> >
> >
> > This may have been discussed before I am not sure. I
> noticed that the
> > RSA keypairs generated by MS clients before making a x.509 cert
> > request do not have an expiration date on them. Is there a way to
> > specify key pair lifetimes on MS clients?
> >
> > K
> >
> >
> >
> > --------------------------------------------------------------
> > -------------
> > FREE Whitepaper: Better Management for Network Security
> >
> > Looking for a better way to manage your IP security?
> > Learn how Solsoft can help you:
> > - Ensure robust IP security through policy-based management
> > - Make firewall, VPN, and NAT rules interoperable across
> heterogeneous
> > networks
> > - Quickly respond to network events from a central console
> >
> > Download our FREE whitepaper at:
> > http://www.securityfocus.com/sponsor/Solsoft_f> ocus-ms_031015
> >
> >
> > --------------------------------------------------------------
> > -------------
> >
>
>
------------------------------------------------------------------------
---
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_focus-ms_031015
------------------------------------------------------------------------
---
[ reply ]