Operating Netscape Navigator in FIPS PUB 140-1 Compliant Mode

[Contents]


RESTORING THE PKCS #11 DEFAULT CONFIGURATION

  1. Open up a Netscape Navigator window.

  2. Note that this procedure assumes that the procedure to configure the FIPS PUB 140-1 Security Module has previously been accomplished. Also note that the user may want to make sure that they have logged out from the FIPS PUB 140-1 Security Module before continuing this procedure, although this will be accomplished during the process of restoring the PKCS #11 Security Module.

  3. In the Navigation Toolbar, click on the Security button. The Security Info window should appear:

  4. In the left frame of the Security Info window, click Cryptographic Modules. The Cryptographic Modules section appears in the Security Info window:

  5. In the Cryptographic Modules list, select FIPS PUB 140-1 and click Logout All to make sure that all FIPS PUB 140-1 Security Modules are logged off prior to restoring the PKCS #11 Cryptographic Module.

  6. Select the FIPS PUB 140-1 and click Delete. The following dialog box appears, prompting you to load the PKCS #11 Module:

  7. Click OK, and the following PKCS #11 Cryptographic Module should be loaded:

  8. In the left frame of the Security Info window, click Messenger. The Messenger section appears in the Security Info window:

  9. Click Select S/MIME Ciphers. The Configure Ciphers dialog box should appear.

    Make sure that the following checkboxes are checked:

    • Triple DES encryption in CBC mode with a 168-bit key
    • RC2 encryption in CBC mode with a 128-bit key
    • DES encryption in CBC mode with a 56-bit key
    • RC2 encryption in CBC mode with a 64-bit key
    • RC2 encryption in CBC mode with a 40-bit key

    The dialog box should look exactly like this:

  10. Click OK and return to the Security Info window.

  11. In the left frame of the Security Info window, click Navigator. The Navigator section appears in the Security Info window.

    Make sure that the check box in front of the SSL v2 line is checked, so that the Navigator section looks like this:

  12. Click Configure SSL v3, and the Configure Ciphers dialog box should appear.

    Make sure that the following checkboxes are checked:

    • RC4 encryption with a 128-bit key and an MD5 MAC
    • Triple DES encryption with a 168-bit key and a SHA-1 MAC
    • DES encryption with a 56-bit key and a SHA-1 MAC
    • RC4 encryption with a 40-bit key and an MD5 MAC
    • RC2 encryption with a 40-bit key and an MD5 MAC
    • No encryption with an MD5 MAC

    The dialog box should look exactly like this:

  13. Click OK and return to the Security Info window.

  14. Click OK to exit the Security Info window.

  15. NOTE: In order to utilize certificate database services, a successful login must be accomplished into the PKCS #11 security module. However, no login into the PKCS #11 security module is necessary for cryptographic services, since all such services are public.

Last Updated: 02/26/98

Any sample code included above is provided for your use on an "AS IS" basis, under the Netscape License Agreement - Terms of Use