Operating Netscape Navigator in FIPS PUB 140-1 Compliant Mode
[Contents]
RESTORING THE
PKCS #11 DEFAULT
CONFIGURATION
- Open up a Netscape Navigator window.
- Note that this procedure assumes that the procedure to
configure the FIPS PUB 140-1 Security Module
has previously been accomplished. Also note that the user may want
to make sure that they have logged out from
the FIPS PUB 140-1 Security Module before continuing this procedure,
although this will be accomplished during the process of
restoring the PKCS #11 Security Module.
- In the Navigation Toolbar, click on the Security button.
The Security Info window should appear:
- In the left frame of the Security Info window,
click Cryptographic Modules. The Cryptographic Modules
section appears in the Security Info window:
- In the Cryptographic Modules list,
select FIPS PUB 140-1 and click Logout All
to make sure that all FIPS PUB 140-1 Security Modules
are logged off prior to restoring the PKCS #11 Cryptographic Module.
- Select the FIPS PUB 140-1 and click Delete.
The following dialog box appears, prompting you to load the
PKCS #11 Module:
- Click OK, and the following PKCS #11 Cryptographic Module
should be loaded:
- In the left frame of the Security Info window,
click Messenger. The Messenger section appears
in the Security Info window:
- Click Select S/MIME Ciphers. The Configure Ciphers
dialog box should appear.
Make sure that the following checkboxes are checked:
- Triple DES encryption in CBC mode with a 168-bit key
- RC2 encryption in CBC mode with a 128-bit key
- DES encryption in CBC mode with a 56-bit key
- RC2 encryption in CBC mode with a 64-bit key
- RC2 encryption in CBC mode with a 40-bit key
The dialog box should look exactly like this:
- Click OK and return to the Security Info window.
- In the left frame of the Security Info window,
click Navigator. The Navigator section appears in
the Security Info window.
Make sure that the check box in front of the SSL v2 line
is checked, so that the Navigator section looks like this:
- Click Configure SSL v3, and the Configure Ciphers
dialog box should appear.
Make sure that the following checkboxes are checked:
- RC4 encryption with a 128-bit key and an MD5 MAC
- Triple DES encryption with a 168-bit key and a SHA-1 MAC
- DES encryption with a 56-bit key and a SHA-1 MAC
- RC4 encryption with a 40-bit key and an MD5 MAC
- RC2 encryption with a 40-bit key and an MD5 MAC
- No encryption with an MD5 MAC
The dialog box should look exactly like this:
- Click OK and return to the Security Info window.
- Click OK to exit the Security Info window.
- NOTE: In order to utilize certificate database services,
a successful login must be accomplished into the PKCS #11 security module.
However, no login into the PKCS #11 security module is necessary for
cryptographic services, since all such services are public.
Last Updated: 02/26/98
Any sample code included above is provided for your use on an "AS IS" basis, under the Netscape License Agreement - Terms of Use