Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-26 14:22:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added files & initial placeholders for PSM 2.0 help & related docs.

Browse Source
This commit is contained in:
cotter%netscape.com 2001-03-23 20:24:47 +00:00
parent ffc1f28f01
commit 36be12a9bc
21 changed files with 3397 additions and 665 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
extensions/help/resources/locale/en-US/cert_concepts_help.html Normal file
View File

@ -0,0 +1,70 @@
<html>
<head>
<title>Understanding Certificates</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="certs&security_first"></a>
<h1>Understanding Certificates</h1>
<p><b>[intro text]</b></p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#Internet_Security_Issues">Internet Security Issues</a></p>
<p><a href="#Encryption_and_Decryption">Encryption and Decryption</a></p>
<p><a href="#Public-Key_Cryptography">Public-Key Cryptography</a></p>
<p><a href="#Digital_Signatures">Digital Signatures</a></p>
<p><a href="#Certificates<">Certificates</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="Internet_Security_Issues"></a>
<h2>Internet Security Issues</h2>
<p><b>[text to come]</b></p>
<p>&nbsp;</p>
<a NAME="Encryption_and_Decryption"></a>
<h2>Encryption and Decryption</h2>
<p><b>[text to come]</b></p>
<p>&nbsp;</p>
<a NAME="Public-Key_Cryptography"></a>
<h2>Public-Key Cryptography</h2>
<p><b>[text to come]</b></p>
<p>&nbsp;</p>
<a NAME="Digital_Signatures"></a>
<h2>Digital Signatures</h2>
<p><b>[text to come]</b></p>
<p><b>[text to come]</b></p>
<p>&nbsp;</p>
<a NAME="Certificates"></a>
<h2>Certificates</h2>
<p><b>[text to come]</b></p>
<hr>
<p><i>2/5/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

287
extensions/help/resources/locale/en-US/cert_dialog_help.html Normal file
View File

@ -0,0 +1,287 @@
<html>
<head>
<title>Certificate Information and Decisions Help</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="cert_dialog_help_first"></a>
<h1>Certificate Information and Decisions</h1>
<p><b>[intro text]</b></p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#Certificate_Details">Certificate Details</a></p>
<p><a href="#Enrollment_Informatio">Enrollment Information</a></p>
<p><a href="#Certificate_Renewal">Certificate Renewal</a></p>
<p><a href="#User_Identification_Request">User Identification Request</a></p>
<p><a href="#New_Certificate_Authority">New Certificate Authority</a></p>
<p><a href="#Web_Site_Certificates">Web Site Certificates</a></p>
</td>
</tr>
</table>
<p><b>[text to come</b>
<p>&nbsp;</p>
<a NAME="Certificate_Details"></a>
<h2>Certificate Details</h2>
<p>The Certificate Details window displays information about the certificate you selected in one of the Certificate Manager tabs. You can also click <b>[what? where?]</b> to see a complete text version of the certificate (normally of interest to IS professionals only).</P>
<p>The Certificate Details window shows the following information about the selected certificate: </P>
<ul><LI>Whether the certificate has been verified, and if so for what uses. See <a href="glossary.html#certificate verification">certificate verification</a> for a discussion of how the Certificate Manager verifies certificates. Uses can include any of the following: </LI>
<ul>
<LI><B>SSL Client.</B> Certificate used to identify you to web sites.</LI>
<LI><B>SSL Server.</B> Certificate used to identify a web site server to browsers.</LI>
<LI><B>Email Signer.</B> Certificate used to identify you for the purposes of digitally signing email messages.</LI>
<LI><B>Email Recipient.</B> Certificate used to identify someone else, for example so you can send that person encrypted email.</LI>
<LI><B>Status Responder.</B> Certificate used to identify an on-line status responder that uses the Online Certificate Status Protocol (OCSP) to check the validity of certificates. For more information about OCSP, see <a href="validation_help.html">Validation Settings</a>.</LI>
<LI><B>Certificate Authority.</B> Certificate used to identify a certificate authority&#151;that is, a service that issues certificates for use as identification over computer networks.</LI></ul>
<LI><p><B>Name.</B> The name of the person or other entity that the certificate identifies.</LI>
<LI><B>Issued Under.</B> The name of the organization that issued the certificate. You can click this name to view the issuer's certificate (if it is available to Personal Security Manager) in a new View Security Certificate window. By clicking the "Issued Under" name in successive View Security Certificate windows, you can view each certificate in the original certificate's <a href="glossary.html#certificate chain">certificate chain</a>.</LI>
<LI><B>Serial Number.</B> The certificate's serial number.</LI>
<LI><B>Validity.</B> The period of time during which the certificate can be used.</LI>
<LI><B>Fingerprint.</B> A unique number associated with a certificate. The number is produced by applying a mathematical function to the contents of the certificate. A certificate's fingerprint can be used to verify that the certificate has not been tampered with.</LI></ul>
<p><b>[Next two Certificate Details sections are placeholders--not yet sure how UI will look for this.]</b>
<p><A NAME="View_Certificate_Details">
<b>
View Certificate Details</b></A></p>
<p>When you click View More Info in the upper-right corner of the View Security Certificate window, a View Certificate Details window opens that displays the complete contents of the certificate. This information is normally of interest to IS professionals only. </P>
<p>Certificate Manager displays basic ANSI types in human-readable form wherever possible. For fields whose contents it cannot interpret, Personal Security Manager simply displays the actual values contained in the certificate.</P>
<A NAME="View Security Certificate&#151;Issuer Not Found">
<p><b>View Security Certificate&#151;Issuer Not Found</b></p></A>
<p>When you click the name of a certificate's issuer (labeled "Issued Under:") in the View Security Certificate window, a new View Security Certificate window opens with information about the issuer's certificate&#151;unless Certificate Manager does not have that certificate on file. In this case, the new window informs you that the issuer's certificate could not be found.</P></A>
<p>&nbsp;</p>
<a NAME="Choose_Security_Device"></a>
<h2>Choose Security Device</h2>
<p>A security device (sometimes called a token) is a hardware or software device that provides cryptographic services such as encryption and decryption and stores certificates and keys. The Choose Security Device window appears when Certificate Manager needs help deciding which security device to use when importing a certificate or performing a cryptographic operation, such as generating keys for a new certificate. This window allows you to select one of two or more security devices that Certificate Manager has detected on your machine.
<p>A smart card is one example of a security device. For example, if a smart card reader connected to your computer has a smart card inserted in it, the name of the smart card will show up in the drop-down menu. In this case, you must choose the name of the smart card from the menu to let Certificate Manager know that you want to use it.
<p>The Certificate Manager also supplies its own default, built-in security device, which can always be used no matter what additional devices are or aren't available.
<p>&nbsp;</p>
<a NAME="Enrollment_Information"></a>
<h2>Enrollment Information</h2>
<p>The following windows may appear while you are attempting to obtain a certificate from a certificate authority (a process sometimes called <I>certificate enrollment</I>): </P>
<ul><LI><a href="cert_dialog_help.html#Encryption_Key_Copy">Encryption Key Copy</a></LI>
<LI><a href="cert_dialog_help.html#Certificate_Backup">Certificate_Backup</a>
</LI></A><BR></ul>
<p>&nbsp;</p>
<a NAME="Encryption_Key_Copy"></a>
<h3>Encryption Key Copy</h3>
<p><a href="glossary.html#certificate authority (CA)">Certificate authorities (CAs)</a> that issue separate signing and encryption email certificates typically make backup copies of your private encryption key during the certificate enrollment process. Separate signing and encryption certificates require client software that supports <a href="glossary.html#dual key pairs">dual key pairs</a> for use in signing and encrypting email.</P>
<p>It's important to understand that a CA that has archived a backup copy of your encryption key has the potential capability of decrypting any messages encrypted with your public key. If you trust your CA with this capability, click OK. After your CA makes a backup copy of the encryption key, you will be able to use that key to access your encrypted mail even if you lose your password or lose your own copy of the key. If no backup copy of your encryption key exists and you lose your password or the key, you will have no way of reading any of your encrypted email messages.</P></A>
<p>If you don't trust the CA that is requesting the backup copy, don't request a certificate from it. Click Cancel to stop both the backup procedure and the request for a certificate.</P>
<p>If you are not sure whether to trust the CA that is requesting the backup copy, talk to your system administrator.</P></A>
<p>&nbsp;</p>
<a NAME="Certificate_Backup"></a>
<h3>Certificate Backup</h3>
<p>When you receive a certificate, make a backup copy of the certificate and its private key, then store the copy in a safe place. For example, you can put the copy on a floppy disk and store it with other valuable items under lock and key. That way, even if you have hard disk or file corruption problems, you can easily restore the certificate.</P>
<p>It can be inconvenient, at best, and in some situations catastrophic to lose your certificate and its associated private key, depending on what you use it for. For example:</P>
<ul>
<LI>If you lose a certificate that identifies you to important web sites, you will not be able to access those web sites until you obtain a new certificate. </LI><
<LI>If you lose a certificate used to encrypt email messages, you will not be able to read any of your encrypted email&#151;including both encrypted messages that you have sent and encrypted messages that you have received. In this case, if you cannot obtain a backup of the private encryption key associated with the certificate, you will never be able to read any of the messages encrypted with that key.</LI>
</ul>
<p>Like any other valuable data, certificates should be backed up to avoid future trouble and expense. Do it now so you don't forget.</P>
<p>&nbsp;</p>
<a NAME="Certificate_Renewal"></a>
<h2>Certificate Renewal</h2>
<p>Like a credit card, a driver's license, and many other forms of identification, a certificate is valid for a specified period of time. When a certificate expires, you need to get a new one&#151;unless you have decided that you don't need that certificate anymore. </P>
<p>Certifocate Manager displays the Certificate Renewal window when it detects that one of your certificates is about to expire. Information about the certificate is displayed at the top of the window. The information provided includes the name of the CA that issued the certificate (labeled "Issued Under").</P>
<p>The Certificate Renewal window allows you to make one of two decisions:</P>
<ul>
<LI><B>Renew this certificate now.</B> If you select this option, Certificate Manager initiates the renewal process.</LI>
<LI><B>Remind me to renew this certificate later.</B> If you select this option, Certificate Manager will not initiate the renewal process, but will remind you again later.</LI></A></ul>
<p>&nbsp;</p>
<a NAME="Choosing_a_Certificate"></a>
<h2>Choosing a Certificate</h2>
<p>The following windows may appear when you view a web page that requires your certificate, or when you have more than one certificate with the same name.</P>
<ul>
<LI><a href="#User_Identification_Request">User Identification Request</a></LI><BR>
<LI><a href="#Choose_Security_Certificate">Choose Security Certificate</a></LI></ul>
<p>&nbsp;</p>
<a NAME="User_Identification_Request"></a>
<h3>User Identification Request</h3>
<P>Some web sites require that you identify yourself with a certificate rather than a name and password, because certificates provide a more reliable form of identification. This method of identifying yourself over the Internet is sometimes called <a href="glossary.html#client authentication">client authentication</a>.
<p>However, Certificate Manager may have more than one certificate on file that can be used for the purposes of identifying yourself to a web site. In this case, Certificate Manager presents the User Identification Request window, which allows you to select the appropriate certificate for the web site you want to visit.</P>
<p>Web sites can also use certificates to identify themselves. The certificate presented by the web site you want to visit is displayed in the top part of this window. The information provided includes the name of the CA that issued the certificate (labeled "Issued Under").</P>
<p>The certificates you have available for the purposes of identifying yourself to a web site are listed in the drop-down menu in the bottom part of the window. Choose the certificate that seems most likely to be recognized by the web site you want to visit.</P></A>
<p>&nbsp;</p>
<a NAME="Choose_Security_Certificate"></a>
<h3>Choose Security Certificate</h3>
<p>The Choose Security Certificate window appears when Personal Security Manager has more than one certificate with the same name in its certificate store. Use this window to select the certificate you want to use. For example, if there are several certificates with the same name but different validity periods, you would normally want choose the one most recently issued.</P>
<p>&nbsp;</p>
<a NAME="New_Certificate_Authority"></a>
<h2>New Certificate Authority</h2>
<p>The certificates the Certificate Manager has on file, whether stored on your computer or on an external security device such as a smart card, include certificates that identify a <a href="glossary.html#certificate authority (CA)">certificate authorities (CAs)</a>. To be able to recognize any other certificates it has on file, Certificate Manager must have certificates for the CAs that issued or authorized issuance of those certificates. When you decide to trust a CA, Certificate Manager files that CA's certificate and can then recognize the kinds of certificates you trust that CA to issue.</P>
<p><b>[what follows needs updating for new UI]</b>
<p>Certificate Manager displays two windows that allow you to specify that you trust a new CA:</P>
<ul>
<LI><B>New Certificate Authority: Step 1.</B> Before you decide to trust a new CA, make sure that you know who is operating it. Make sure the CA's policies and procedures and are appropriate for the kinds of certificates it issues. For example, if the CA issues certificates identifying web sites you use for financial transactions, make sure you are comfortable with the level of assurance the CA provides.</LI></A><P><A NAME="1039965"><LI><B>New Certificate Authority: Step 2.</B> At this stage, you need to decide what kinds of certificates issued by this CA you want to trust. You can select any of the following options:</LI></A><ul>
<P><A NAME="1040097"><LI><B>Trust this CA to identify web sites. </B>As noted above, web site certificates for some sites, such as those that handle financial transactions, can be extremely important, and inappropriate or false identification can have negative consequences.</LI></A><P><A NAME="1040098"><LI><B>Trust this CA to identify email users. </B>If you intend to send email users confidential information in encrypted form, or if accurate identification of email users is important to you for any other reason, you should consider carefully the CA's procedures for identifying prospective certificate owners and whether they are appropriate for your purposes before selecting this option.</LI></A><P><A NAME="1052784"><LI><B>Trust this CA to identify software developers.</B> Selecting this option means that you trust the CA to issue certificates that identify the origin of Java applets and JavaScript scripts requesting special access to your computer, such as the ability to change files. Since such access privileges can be misused, for example to destroy data stored on your hard disk, be very careful about selecting this option unless you are certain that you trust the CA for this purpose.</LI></A></ul>
</ul><
<p>&nbsp;</p>
<a NAME="Web_Site_Certificates"></a>
<h2>Web Site Certificates</h2>
<p>One of the following windows may appear when you attempt to go to a web site that supports <a href="glossary.html#authentication">authentication</a> and <a href="glossary.html#9encryption">encryption</a>:</P>
<ul>
<LI><a href="#New_Web_Site_Certificate">New Web Site Certificate</a></LI>
<LI><a href="#Expired_Web_Site_Certificate">Expired Web Site Certificate</a></LI>
<LI><a href="#Web_Site_Certificate_Not_Yet_Valid">Web Site Certificate Not Yet Valid</a></LI>
<LI><a href="#Unexpected_Certificate_Name">Unexpected Certificate Name</a></LI>
</ul>
<p>&nbsp;</p>
<a NAME="New_Web_Site_Certificate"></a>
<h3>New Web Site Certificate</h3>
<p>Many web sites use certificates to identify themselves when you visit the site. If Personal Security Manager doesn't recognize the <a href="glossary.html#certificate authority (CA)">certificate authority (CA)</a> that issued a web site's certificate, it displays the following windows:</P>
<p><b>[following needs updating for new UI</b>
<ul><P><A NAME="1040184"><LI><B>New Web Site Certificate: Step 1.</B> To examine the certificate, click View. If you believe that this web site is the site the certificate says it is, click Next. If you suspect that the web site is not what it claims to be, you can either click Cancel (in which case you will not connect to the web site) or click Next to go to Step 2.</LI></A><P><A NAME="1040198"><LI><B>New Web Site Certificate: Step 2.</B> If you clicked Next in Step 1, you now have to decide how long you are willing to trust this certificate, if at all:</LI></A><ul>
<P><A NAME="1040219"><LI><B>Accept this certificate permanentl</B>y means that Personal Security Manager will recognize this certificate as legitimate identification until it expires. You should not select this option unless you are absolutely sure that you trust the web site identified by the certificate.</LI></A><P><A NAME="1040237"><LI><B>Accept this certificate temporarily for this session</B> means that Personal Security Manager will recognize this certificate as legitimate identification for this session only. If you select this option, Personal Security Manager will connect with the web site this time, but will display the New Web Site Certificate window again the next time you visit the web site.</LI></A><P><A NAME="1040288"><LI><B>Do not accept this certificate and do not connect to the web site</B> means that Personal Security Manager will not accept this certificate. If you select this option, Personal Security Manager will not connect with this web site this time and will display the New Web Site Certificate window again the next time you visit the web site.</LI></A></ul>
</ul><A NAME="1049516">
<p>&nbsp;</p>
<a NAME="Expired_Web_Site_Certificate"></a>
<h3>Expired Web Site Certificate</h3>
<p>Like a credit card, a driver's license, and many other forms of identification, a <a href="glossary.html#certificate">certificate</a> is valid for a specified period of time. When a certificate expires, the owner of the certificate needs to get a new one.</P></A>
<p>Certificate Manager displays the Expired Web Site Certificate window when you attempt to visit a web site whose certificate has expired. As the window explains, the first thing you should do is make sure the time and date displayed by your computer is correct. If your computer's clock is set to a date that is after the expiration date, Certificate Manager treats the web site's certificate as expired. </P></A>
<p>You can examine information about the certificate, including its validity period, by clicking the View button.</P></A>
<p>The decision whether to trust the site anyway depends on what you intend to do at the site and what else you know about it. Most commercial sites will make sure that they replace their certificates before they expire. </P>
<p>If you believe the certificate's expiration is an inadvertent error, you may want to accept the certificate anyway for this session and let the webmaster for the site know about the problem. </P>
<p>If you suspect that there may be a more significant problem, either accept the certificate and be cautious about any actions you take while you are visiting the site, or do not accept the certificate (in which case the browser will not connect you to the site).</P></A>
<p>&nbsp;</p>
<a NAME="Web_Site_Certificate_Not_Yet_Valid"></a>
<h3>Web Site Certificate Not Yet Valid</h3>
<p>Like a credit card, a driver's license, and many other forms of identification, a <a href="glossary.html#certificate">certificate</a> is valid for a specified period of time.</P>
<p>Certificate Manager displays the Web Site Certificate Not Yet Valid window when you attempt to visit a web site whose certificate's validity period has not yet started. The first thing you should do is make sure the time and date displayed by your own computer is correct. If your computer's clock is set to the wrong date, Certificate Manager may treat the web site's certificate as not yet valid even if this is not the case. </P>
<p>You can examine information about the certificate, including its validity period, by clicking the View button.</P></A>
<p>The decision whether to trust the site anyway depends on what you intend to do at the site and what else you know about it. Most commercial sites will make sure that the validity period for their certificates has begun before beginning to use them. </P>
<p>If you believe the certificate's expiration is an inadvertent error, you may want to accept the certificate anyway for this session and let the webmaster for the site know about the problem. </P>
<p>If you suspect that there may be a more significant problem, either accept the certificate and be cautious about any actions you take while you are visiting the site, or do not accept the certificate (in which case Personal Security Manager will not connect you to the site).</P></A>
<p>&nbsp;</p>
<a NAME="Unexpected_Certificate_Name"></a>
<h3>Unexpected Certificate Name</h3>
<p>A web site <a href="glossary.html#certificate">certificate</a> specifies the name of the web site in the form of the site's host name. For example, the host name for Netscape Netcenter is <FONT FACE="courier, courier new, monospace">home.netscape.com</FONT>. If the host name in a web site's certificate doesn't match the actual host name of the web site, it may be a sign that someone is attempting to intercept your communication with the web site.</P>
<p>The decision whether to trust the site anyway depends on what you intend to do at the site and what else you know about it. Most commercial sites will make sure that the host name for a web site certificate matches the web site's actual host name.</P></A>
<p>If you decide to accept the certificate anyway for this session, you should be cautious about what you do on the web site, and you should treat any information you find there as potentially suspect.</P></A>
<hr>
<p><i>3/21/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

183
extensions/help/resources/locale/en-US/certs_help.html Normal file
View File

@ -0,0 +1,183 @@
<html>
<head>
<title>Certificate Manager Help</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="certs_first"></a>
<h1>Certificate Manager</h1>
<p><b>[intro text to come]</b></p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#My_Certificates">My Certificates</a></p>
<p><a href="#Web_Site_Certificates">Web Site Certificates</a></p>
<p><a href="#CA_Certificates">CA Certificates</a></p>
<p><a href="#Security_Devices">Security Devices</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="My_Certificates"></a>
<h2>My Certificates</h2>
<p>The My Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify you, and to set related security passwords. To select a certificate, click its name. To select more than one certificate, hold down the Shift key and click the names of those you want to select.
<p>To perform any of the actions listed here, select the certificates on which you want to act and follow these instructions:
<UL>
<LI>To examine the selected certificates, click View.</LI>
<LI>To initiate the process of backing up the selected certificates, click Backup. A window appears that allows you to choose a password to protect the backup. You can then save the backup in a directory of your choice.</LI>
<LI>To delete the selected certificate, click Delete.</LI>
</UL>
<P>The following actions don't require a certificate to be selected first:</P>
<UL>
<LI>To restore a certificate that was previously backed up, click Restore. When you click Restore, the browser first asks you to locate the file that contains the backup. The names of certificate backup files typically end in <tt>.p12</tt>; for example, </tt>MyCert.p12</tt>. After you select the file to be restored, the browser asks you to enter the portable security password that was set when the certificate was backed up.</LI>
<LI>To initiate the process of backing up all the certificates stored on the software security device used by the browser, click Backup All.
<UL><p><b>Back up smart card certificates one at a time:</b> Certificates stored on any other security device, such as a smart card in a smart card reader attached to your computer, will not be backed up by the Backup All button. To back up such certificates, select them individually, then click Backup.</UL>
</UL>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Choose_a_Certificate_Backup_Password"></a>
<H3>Choose a Certificate Backup Password</H3>
<P>A certificate backup password protects one or more certificates that you are backing up using the Backup or Backup All button in the My Certificates panel of the Certificate Manager. The browser asks you to set a certificate backup password when you back up certificates, and requests it when you attempt to restore certificates that have previously been backed up.</P>
<P><b>Important:</b> When you click the Backup All button, the browser attempts to back up all of your certificates and associated private keys stored on the browser's software security device. The Backup All button does not back up any certificates that are stored on security devices other than the browser's own software security device. For example, Backup All will not back up any certificates in the list that are stored on a smart card inserted in a smart card reader attached to your computer. Certificates stored on devices other than the browser's software security device must be backed up by selecting their names and clicking the Backup button.</P>
<p>If someone obtains the file containing a certificate that you have backed up and successfully restores the certificate, that person can send messages or access web sites while pretending to be you. This can have negative consequences, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet. Therefore, it's important to select a certificate backup password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you can't restore the backup of your certificate.</p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Delete_My_Certificate"></a>
<h3>Delete My Certificate</h3>
<P>Before deleting any of your own certificates—even one that has expired—make sure that you won't need it again some day. For example, you can use your own expired certificate for reading old email messages that you may have encrypted with the corresponding private key.
</P>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Web_Site_Certificates"></a>
<h2>Web Site Certificates</h2>
<p>The Web Site Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify web sites.
<p>To perform any of the actions listed here, select the certificate on which you want to act from the list of web site certificates, then follow these instructions:
<ul>
<li>To examine the selected certificate, click View.
<li>To change the trust settings that Certificate Manager associates with the selected certificate, click Edit. You can use these settings to designate a web site certificate as one that you trust or don't trust for identification purposes.
<li>To delete the selected certificate, click Delete.
</ul>
<p>&nbsp;</p>
<a NAME="Edit_Web_Site_Certificate_Settings"></a>
<h3>Edit Web Site Certificate Settings</h3>
<p>When you select a web site certificate and click Edit, you see a window titled Edit Certificate Settings. Here you specify whether you want to trust the selected certificate for identifying the web site and setting up an encrypted connection with it.
<p>If you select "Do not trust the authenticity of this certificate" and click OK, Certificate Manager will no longer trust this certificate for the purposes of identifying this web site or setting up an encrypted connection. If you select this setting and then attempt to visit the web site, you will see one or more warning messages before you can access the site.
<p>If you select "Trust the authenticity of this certificate" and click OK, Certificate Manager will henceforth trust this certificate for the purposes of identifying this web site or setting up an encrypted connection. If you select this setting and then attempt to visit the web site, your browser will access the site with few, if any, warnings.
In addition to specifying these settings for the certificate shown, you can specify trust settings for the certificate authority (CA) that issued the certificate—that is, you can choose to trust or not to trust different kinds of certificates issued by that certificate authority. For example, you can choose not to trust any web site certificates issued by that certificate authority.
To edit the certificate settings for the certificate authority that issued the certificate described in the window, click the Edit button.
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Delete_Web_Site_Certificate"></a>
<h3>Delete Web Site Certificate</h3>
<p>Before deleting a web site certificate, make sure that you won't need it again for the purposes of identifying a web site and setting up an encrypted connection.
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="CA_Certificates"></a>
<h2>CA Certificates</h2>
<p>The CA Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify certificate authorities (CAs).
<p>To perform any of the actions listed here, select the certificate on which you want to act from the list of CA certificates and then follow the instructions:
<ul>
<li>To examine the CA certificate, click View.
<li>To check the settings that Personal Security Manager associates with the CA certificate, click Edit. You can use these settings to specify the certificate authority identified by that certificate as one that you trust or don't trust.
<li>To delete a certificate, click Delete.
</ul>
<p>&nbsp;</p>
<a NAME="Edit_CA_Certificate_Settings"></a>
<h3>Edit CA Certificate Settings</h3>
<p>When you select a CA certificate and click Edit, you see a window titled Edit Security Certificate Settings. Here you specify the kinds of certificates you trust this CA to certify. If you deselect all the checkboxes, Certificate Manager will not trust any certificates issued by this CA.
<p>If you select "This CA can identify web sites," Personal Security Manager will trust certificates issued by this CA for purposes of identifying web sites and encrypting web site connections. If you deselect this checkbox, Certificate Manager will not trust web site certificates issued by this CA.
<p>If you select "This CA can identify mail users," Personal Security Manager will trust certificates issued by this CA for purposes of signing or encrypting email. If you deselect this checkbox, Certificate Manager will not trust email certificates issued by this CA.
<p>If you select "This CA can identify software makers," Certificate Manager will trust certificates issued by this CA for the purpose of identifying software makers. If you deselect this checkbox, Certificate Manager will not trust such certificates issued by this CA.
<p>Click OK to implement the settings you have selected.
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Delete_CA_Certificate"></a>
<h3>Delete CA Certificate</h3>
<p>Before deleting a CA certificate, make sure that you won't need it again to validate certificates issued by that CA. If you delete the only valid certificate you have for a CA, Certificate Manager will no longer trust any certificates issued by that CA.
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Security_Devices"></a>
<h3>Security Devices</h3>
<p><b>[text to come]</b>
<hr>
<p><i>3/19/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

183
extensions/help/resources/locale/en-US/certs_help.xhtml Normal file
View File

@ -0,0 +1,183 @@
<html>
<head>
<title>Certificate Manager Help</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="certs_first"></a>
<h1>Certificate Manager</h1>
<p><b>[intro text to come]</b></p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#My_Certificates">My Certificates</a></p>
<p><a href="#Web_Site_Certificates">Web Site Certificates</a></p>
<p><a href="#CA_Certificates">CA Certificates</a></p>
<p><a href="#Security_Devices">Security Devices</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="My_Certificates"></a>
<h2>My Certificates</h2>
<p>The My Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify you, and to set related security passwords. To select a certificate, click its name. To select more than one certificate, hold down the Shift key and click the names of those you want to select.
<p>To perform any of the actions listed here, select the certificates on which you want to act and follow these instructions:
<UL>
<LI>To examine the selected certificates, click View.</LI>
<LI>To initiate the process of backing up the selected certificates, click Backup. A window appears that allows you to choose a password to protect the backup. You can then save the backup in a directory of your choice.</LI>
<LI>To delete the selected certificate, click Delete.</LI>
</UL>
<P>The following actions don't require a certificate to be selected first:</P>
<UL>
<LI>To restore a certificate that was previously backed up, click Restore. When you click Restore, the browser first asks you to locate the file that contains the backup. The names of certificate backup files typically end in <tt>.p12</tt>; for example, </tt>MyCert.p12</tt>. After you select the file to be restored, the browser asks you to enter the portable security password that was set when the certificate was backed up.</LI>
<LI>To initiate the process of backing up all the certificates stored on the software security device used by the browser, click Backup All.
<UL><p><b>Back up smart card certificates one at a time:</b> Certificates stored on any other security device, such as a smart card in a smart card reader attached to your computer, will not be backed up by the Backup All button. To back up such certificates, select them individually, then click Backup.</UL>
</UL>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Choose_a_Certificate_Backup_Password"></a>
<H3>Choose a Certificate Backup Password</H3>
<P>A certificate backup password protects one or more certificates that you are backing up using the Backup or Backup All button in the My Certificates panel of the Certificate Manager. The browser asks you to set a certificate backup password when you back up certificates, and requests it when you attempt to restore certificates that have previously been backed up.</P>
<P><b>Important:</b> When you click the Backup All button, the browser attempts to back up all of your certificates and associated private keys stored on the browser's software security device. The Backup All button does not back up any certificates that are stored on security devices other than the browser's own software security device. For example, Backup All will not back up any certificates in the list that are stored on a smart card inserted in a smart card reader attached to your computer. Certificates stored on devices other than the browser's software security device must be backed up by selecting their names and clicking the Backup button.</P>
<p>If someone obtains the file containing a certificate that you have backed up and successfully restores the certificate, that person can send messages or access web sites while pretending to be you. This can have negative consequences, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet. Therefore, it's important to select a certificate backup password that is difficult to guess. It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you can't restore the backup of your certificate.</p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Delete_My_Certificate"></a>
<h3>Delete My Certificate</h3>
<P>Before deleting any of your own certificates—even one that has expired—make sure that you won't need it again some day. For example, you can use your own expired certificate for reading old email messages that you may have encrypted with the corresponding private key.
</P>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Web_Site_Certificates"></a>
<h2>Web Site Certificates</h2>
<p>The Web Site Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify web sites.
<p>To perform any of the actions listed here, select the certificate on which you want to act from the list of web site certificates, then follow these instructions:
<ul>
<li>To examine the selected certificate, click View.
<li>To change the trust settings that Certificate Manager associates with the selected certificate, click Edit. You can use these settings to designate a web site certificate as one that you trust or don't trust for identification purposes.
<li>To delete the selected certificate, click Delete.
</ul>
<p>&nbsp;</p>
<a NAME="Edit_Web_Site_Certificate_Settings"></a>
<h3>Edit Web Site Certificate Settings</h3>
<p>When you select a web site certificate and click Edit, you see a window titled Edit Certificate Settings. Here you specify whether you want to trust the selected certificate for identifying the web site and setting up an encrypted connection with it.
<p>If you select "Do not trust the authenticity of this certificate" and click OK, Certificate Manager will no longer trust this certificate for the purposes of identifying this web site or setting up an encrypted connection. If you select this setting and then attempt to visit the web site, you will see one or more warning messages before you can access the site.
<p>If you select "Trust the authenticity of this certificate" and click OK, Certificate Manager will henceforth trust this certificate for the purposes of identifying this web site or setting up an encrypted connection. If you select this setting and then attempt to visit the web site, your browser will access the site with few, if any, warnings.
In addition to specifying these settings for the certificate shown, you can specify trust settings for the certificate authority (CA) that issued the certificate—that is, you can choose to trust or not to trust different kinds of certificates issued by that certificate authority. For example, you can choose not to trust any web site certificates issued by that certificate authority.
To edit the certificate settings for the certificate authority that issued the certificate described in the window, click the Edit button.
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Delete_Web_Site_Certificate"></a>
<h3>Delete Web Site Certificate</h3>
<p>Before deleting a web site certificate, make sure that you won't need it again for the purposes of identifying a web site and setting up an encrypted connection.
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="CA_Certificates"></a>
<h2>CA Certificates</h2>
<p>The CA Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify certificate authorities (CAs).
<p>To perform any of the actions listed here, select the certificate on which you want to act from the list of CA certificates and then follow the instructions:
<ul>
<li>To examine the CA certificate, click View.
<li>To check the settings that Personal Security Manager associates with the CA certificate, click Edit. You can use these settings to specify the certificate authority identified by that certificate as one that you trust or don't trust.
<li>To delete a certificate, click Delete.
</ul>
<p>&nbsp;</p>
<a NAME="Edit_CA_Certificate_Settings"></a>
<h3>Edit CA Certificate Settings</h3>
<p>When you select a CA certificate and click Edit, you see a window titled Edit Security Certificate Settings. Here you specify the kinds of certificates you trust this CA to certify. If you deselect all the checkboxes, Certificate Manager will not trust any certificates issued by this CA.
<p>If you select "This CA can identify web sites," Personal Security Manager will trust certificates issued by this CA for purposes of identifying web sites and encrypting web site connections. If you deselect this checkbox, Certificate Manager will not trust web site certificates issued by this CA.
<p>If you select "This CA can identify mail users," Personal Security Manager will trust certificates issued by this CA for purposes of signing or encrypting email. If you deselect this checkbox, Certificate Manager will not trust email certificates issued by this CA.
<p>If you select "This CA can identify software makers," Certificate Manager will trust certificates issued by this CA for the purpose of identifying software makers. If you deselect this checkbox, Certificate Manager will not trust such certificates issued by this CA.
<p>Click OK to implement the settings you have selected.
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Delete_CA_Certificate"></a>
<h3>Delete CA Certificate</h3>
<p>Before deleting a CA certificate, make sure that you won't need it again to validate certificates issued by that CA. If you delete the only valid certificate you have for a CA, Certificate Manager will no longer trust any certificates issued by that CA.
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Security_Devices"></a>
<h3>Security Devices</h3>
<p><b>[text to come]</b>
<hr>
<p><i>3/19/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

383
extensions/help/resources/locale/en-US/glossary.html Normal file
View File

@ -0,0 +1,383 @@
<html><head>
<title></title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</HEAD>
</P>
<h1><A NAME="
"></A><A NAME="996904">
Glossary
</A></h1><dl>
<A NAME="authentication"></A><A NAME="998782">
<B>authentication.</B>&nbsp;
</A><A NAME="1013907">
Assurance that a party to a computerized transaction is not an impostor. Authentication typically involves the use of a password, certificate, personal identification number (PIN), or other information that can be used to validate identity over a computer network. See also <a href="glossary.html#1014123">password-based authentication</a>, <a href="glossary.html#1018581">certificate-based authentication</a>, <a href="glossary.html#1021054">client authentication</a>, <a href="glossary.html#1031070">server authentication</a>.<P>
</A>
<A NAME="CA"></A><A NAME="1021395">
<B>CA.</B>&nbsp;
</A><A NAME="1021418">
See <a href="glossary.html#1020903"></a><a href="glossary.html#1020903">certificate authority (CA)</a>.<P>
</A>
<A NAME="CA certificate"></A><A NAME="1017503">
<B>CA certificate.</B>&nbsp;
</A><A NAME="1017507">
A certificate that identifies a certificate authority. See also <a href="glossary.html#1020903">certificate authority (CA)</a>, <a href="glossary.html#999541">subordinate CA</a>, <a href="glossary.html#1015631">root CA</a>.<P>
</A>
<A NAME="certificate"></A><A NAME="1018895">
<B>certificate.</B>&nbsp;
</A><A NAME="1018896">
The digital equivalent of an ID card. A certificate specifies the name of an individual, company, or other entity and certifies that a public key, which is included in the certificate, belongs to that entity. When you digitally sign a message or other data, the digital signature for that message is created with the aid of the private key that corresponds to the public key in your certificate. A certificate is issued and digitally signed by a <a href="glossary.html#1020903">certificate authority (CA)</a>. A certificate's validity can be verified by checking the CA's <a href="glossary.html#1013995">digital signature</a>. Also called digital ID, digital passport, public-key certificate X.509 certificate, and security certificate. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="certificate authority (CA)"></A><A NAME="1020903">
<B>certificate authority (CA).</B>&nbsp;
</A><A NAME="1020904">
A service that issues a certificate after verifying the identity of the person or entity the certificate is intended to identify. A CA also renews and revokes certificates and generates a list of revoked certificates at regular intervals. CAs can be independent vendors (such as the CAs listed at <a href= "https://certs.netscape.com/client.html" TARGET="_blank">Certificate Authority Services</a>) or a person or organization using certificate-issuing server software (such as Netscape Certificate Management System). See also <a href="glossary.html#1018895">certificate</a>, <a href="glossary.html#1019940">certificate revocation list (CRL)</a>.<P>
</A>
<A NAME="certificate-based authentication"></A><A NAME="1018581">
<B>certificate-based authentication.</B>&nbsp;
</A><A NAME="1018582">
Verification of identity based on certificates and public-key cryptography. See also <a href="glossary.html#1014123">password-based authentication</a>.<P>
</A>
<A NAME="certificate chain"></A><A NAME="1018500">
<B>certificate chain.</B>&nbsp;
</A><A NAME="1019929">
A hierarchical series of certificates signed by successive certificate authorities. A CA certificate identifies a <a href="glossary.html#1020903">certificate authority (CA)</a> and is used to sign certificates issued by that authority. A CA certificate can in turn be signed by the CA certificate of a parent CA and so on up to a <a href="glossary.html#1015631">root CA</a>. <P>
</A>
<A NAME="certificate fingerprint"></A><A NAME="1020297">
<B>certificate fingerprint.</B>&nbsp;
</A><A NAME="1020326">
A unique number associated with a certificate. The number is not part of the certificate itself but is produced by applying a mathematical function to the contents of the certificate. If the contents of the certificate change, even by a single character, the function produces a different number. Certificate fingerprints can therefore be used to verify that certificates have not been tampered with.<P>
</A>
<A NAME="certificate renewal"></A><A NAME="1031319">
<B>certificate renewal.</B>&nbsp;
</A><A NAME="1031323">
The process of renewing a <a href="glossary.html#1018895">certificate</a> that is about to expire.<P>
</A>
<A NAME="certificate revocation list (CRL)"></A><A NAME="1019940">
<B>certificate revocation list (CRL).</B>&nbsp;
</A><A NAME="1021047">
A list of revoked certificates that is generated and signed by a <a href="glossary.html#1020903">certificate authority (CA)</a>. You can download the latest CRL to your browser or to a server, then check against it to make sure that certificates are still valid before permitting their use for authentication. <P>
</A>
<A NAME="certificate store"></A><A NAME="1023462">
<B>certificate store.</B>&nbsp;
</A><A NAME="1032978">
The collection of certificates, or electronic IDs, maintained by Personal Security Manager on your behalf. These include your own certificates stored on one or more security devices, other people's certificates, web site certificates, and <a href="glossary.html#1020903"></a>CA certificates. See also <a href="glossary.html#1020903">certificate authority (CA)</a>, <a href="glossary.html#1018895">certificate</a>, <a href="glossary.html#1028962">security device</a>.<P>
</A>
<A NAME="certificate verification"></A><A NAME="1025527">
<B>certificate verification.</B>&nbsp;
</A><A NAME="1025531">
When Personal Security Manager verifies a certificate, it confirms that the digital signature was created by a CA whose own CA certificate is both present in the certificate store and marked as trusted for issuing that kind of certificate. It also confirms that the certificate being verified has not been marked as untrusted in the certificate store. Finally, if the <a href="glossary.html#1029304">Online Certificate Status Protocol (OCSP)</a> has been activated (from the Options panel under the Advanced tab), Personal Security Manager also performs an on-line check. It does so by looking up the certificate in a list of valid certificates maintained at a URL that is specified either in the certificate itself or in the OCSP Settings window. If any of these checks fail, Personal Security Manager marks the certificate as unverified and won't recognize the identity it certifies.<P>
</A>
<A NAME="cipher"></A><A NAME="1021048">
<B>cipher.</B>&nbsp;
</A><A NAME="1021052">
See <a href="glossary.html#1019976">cryptographic algorithm</a>.<P>
</A>
<A NAME="client"></A><A NAME="1029510">
<B>client.</B>&nbsp;
</A><A NAME="1029547">
Software (such as browser software) that sends requests to and receives information from a <a href="glossary.html#1029749">server</a>, which is usually running on a different computer. A computer on which client software runs is also described as a client.<P>
</A>
<A NAME="client authentication"></A><A NAME="1021054">
<B>client authentication.</B>&nbsp;
</A><A NAME="1014557">
The process of identifying a <a href="glossary.html#1029510">client</a> to a <a href="glossary.html#1029749">server</a>, for example with a name and password or with a <a href="glossary.html#1014561">client SSL certificate</a> and some digitally signed data. See also <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>, <a href="glossary.html#1031070">server authentication</a>.<P>
</A>
<A NAME="client SSL certificate"></A><A NAME="1014561">
<B>client SSL certificate.</B>&nbsp;
</A><A NAME="1014562">
A certificate that a <a href="glossary.html#1029510">client</a> (for example, browser software such as Netscape Communicator) presents to a <a href="glossary.html#1029749">server</a> to authenticate the identity of the client (or the identity of the person using the client) using the <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a> protocol. See also <a href="glossary.html#1021054">client authentication</a>.<P>
</A>
<A NAME="cryptographic algorithm"></A><A NAME="1019976">
<B>cryptographic algorithm.</B>&nbsp;
</A><A NAME="1019985">
A set of rules or directions used to perform cryptographic operations such as <a href="glossary.html#999078">encryption</a> and <a href="glossary.html#998999">decryption</a>. Sometimes called a <I>cipher.</I><P>
</A>
<A NAME="cryptography"></A><A NAME="1026002">
<B>cryptography.</B>&nbsp;
</A><A NAME="1026018">
The art and practice of scrambling (encrypting) and unscrambling (decrypting) information. For example, cryptographic techniques are used to scramble an unscramble information flowing between commercial web sites and your browser. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="decryption"></A><A NAME="998999">
<B>decryption.</B>&nbsp;
</A><A NAME="999005">
The process of unscrambling data that has been encrypted. See also <a href="glossary.html#999078">encryption</a>.<P>
</A>
<A NAME="digital ID"></A><A NAME="999011">
<B>digital ID.</B>&nbsp;
</A><A NAME="999017">
See <a href="glossary.html#1018895">certificate</a>.<P>
</A>
<A NAME="digital signature"></A><A NAME="1013995">
<B>digital signature.</B>&nbsp;
</A><A NAME="1013996">
A code created from both the data to be signed and the private key of the signer. This code is unique for each new piece of data. Even a single comma added to a message changes the digital signature for that message. Successful validation of your digital signature by appropriate software not only provides evidence that you approved the transaction or message, but also provides evidence that the data has not changed since you digitally signed it. A digital signature has nothing to do with a handwritten signature, although it can sometimes be used for similar legal purposes. See also <a href="glossary.html#999248">nonrepudiation</a>, <a href="glossary.html#999618">tamper detection</a>.<P>
</A>
<A NAME="distinguished name (DN)"></A><A NAME="1022191">
<B>distinguished name (DN).</B>&nbsp;
</A><A NAME="1022194">
A specially formatted name that uniquely identifies the subject of a certificate.<P>
</A>
<A NAME="dual key pairs"></A><A NAME="1020489">
<B>dual key pairs.</B>&nbsp;
</A><A NAME="1020619">
Two public-private key pairs--four keys altogether--corresponding to two separate certificates. The private key of one pair is used for signing operations, and the public and private keys of the other pair are used for encryption and decryption operations. Each pair corresponds to a separate <a href="glossary.html#1018895">certificate</a>. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="eavesdropping"></A><A NAME="1020620">
<B>eavesdropping.</B>&nbsp;
</A><A NAME="1013975">
Surreptitious interception of information sent over a network by an entity for which the information is not intended.<P>
</A>
<A NAME="encryption"></A><A NAME="999078">
<B>encryption.</B>&nbsp;
</A><A NAME="1024038">
The process of scrambling information in a way that disguises its meaning. For example, encrypted connections between computers make it very difficult for third-parties to unscramble, or <I>decrypt,</I> information flowing over the connection. Encrypted information can be decrypted only by someone who possesses the appropriate key. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="encryption certificate"></A><A NAME="1024953">
<B>encryption certificate.</B>&nbsp;
</A><A NAME="1024978">
A certificate whose public key corresponds to a private key used for encryption only. Encryption certificates are not used for signing operations. See also <a href="glossary.html#1020489">dual key pairs</a>, <a href="glossary.html#999493">signing certificate</a>.<P>
</A>
<A NAME="encryption key"></A><A NAME="1021254">
<B>encryption key.</B>&nbsp;
</A><A NAME="1021255">
A private key used for encryption only. An encryption key and its equivalent public key, plus a <a href="glossary.html#1021282">signing key</a> and its equivalent public key, constitute a <a href="glossary.html#1020489">dual key pairs</a>.<P>
</A>
<A NAME="fingerprint"></A><A NAME="1020434">
<B>fingerprint.</B>&nbsp;
</A><A NAME="1020450">
See <a href="glossary.html#1020297">certificate fingerprint</a>.<P>
</A>
<A NAME="FIPS PUBS 140-1"></A><A NAME="1025742">
<B>FIPS PUBS 140-1.</B>&nbsp;
</A><A NAME="1025743">
Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic modules--that is, hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). Many products sold to the US government must comply with one or more of the FIPS standards.<P>
</A>
<A NAME="key"></A><A NAME="999203">
<B>key.</B>&nbsp;
</A><A NAME="999212">
A large number used by a <a href="glossary.html#1019976">cryptographic algorithm</a> to encrypt or decrypt data. A person's public key, for example, allows other people to encrypt messages to that person. The encrypted messages must be decrypted with the corresponding private key. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="Lightweight Directory Access Protocol (LDAP)"></A><A NAME="1022286">
<B>Lightweight Directory Access Protocol (LDAP).</B>&nbsp;
</A><A NAME="1022287">
A protocol for accessing directory services across multiple platforms. LDAP is a simplified version of Directory Access Protocol (DAP), used to access X.500 directories. <P>
</A>
<A NAME="master key"></A><A NAME="1032598">
<B>master key.</B>&nbsp;
</A><A NAME="1032639">
A symmetric key used by Personal Security Manager to encrypt information on behalf of other applications. For example, Netscape 6 uses Personal Security Manager and your master key to encrypt email passwords, web site passwords, and other stored sensitive information. See also <a href="glossary.html#999604">symmetric encryption</a>.<P>
</A>
<A NAME="misrepresentation"></A><A NAME="1014057">
<B>misrepresentation.</B>&nbsp;
</A><A NAME="1014058">
Presentation of an entity as a person or organization that it is not. For example, a web site might pretend to be a furniture store when it is really just a site that takes credit card payments but never sends any goods. See also <a href="glossary.html#1014366">spoofing</a>.<P>
</A>
<A NAME="Netscape Certificate Management System"></A><A NAME="1018306">
<B>Netscape Certificate Management System.</B>&nbsp;
</A><A NAME="1018308">
A highly configurable set of software components and tools for creating, deploying, and managing certificates. You enroll with the system to obtain certificates of all kinds; the system maintains information about the certificates it issues.<P>
</A>
<A NAME="nonrepudiation"></A><A NAME="999248">
<B>nonrepudiation.</B>&nbsp;
</A><A NAME="999254">
The inability, of the sender of a message, to deny having sent the message. A regular hand-written signature provides one form of nonrepudiation. A <a href="glossary.html#1013995">digital signature</a> provides another.<P>
</A>
<A NAME="object signing"></A><A NAME="1014095">
<B>object signing.</B>&nbsp;
</A><A NAME="1014096">
A technology that allows software developers to sign Java code, JavaScript scripts, or any kind of file, and that allows users to identify the signers and control access by signed code to local system resources.<P>
</A>
<A NAME="object-signing certificate"></A><A NAME="1014097">
<B>object-signing certificate.</B>&nbsp;
</A><A NAME="1014098">
A certificate whose corresponding private key is used to sign objects such as code files. See also <a href="glossary.html#1014095">object signing</a>.<P>
</A>
<A NAME="Online Certificate Status Protocol (OCSP)"></A><A NAME="1029304">
<B>Online Certificate Status Protocol (OCSP).</B>&nbsp;
</A><A NAME="1029312">
A set of rules that Personal Security Manager follows to perform an online check of an email certificate's validity each time the certificate is used. This process involves checking the certificate against a list of valid certificates maintained at a specified web site. Your computer must be online for OCSP to work.<P>
</A>
<A NAME="password-based authentication"></A><A NAME="1014123">
<B>password-based authentication.</B>&nbsp;
</A><A NAME="1014124">
Confident identification by means of a name and password. See also <a href="glossary.html#998782">authentication</a>.<P>
</A>
<A NAME="Personal Security Password"></A><A NAME="1032744">
<B>Personal Security Password.</B>&nbsp;
</A><A NAME="1032748">
A password used by Personal Security Manager to protect the master key and/or private keys stored on a <a href="glossary.html#1028962">security device</a>. Personal Security Manager needs to access your private keys, for example, when you sign email messages or use one of your own certificates to identify yourself to a web site. It needs to access your master key when it encrypts or decrypts information on behalf of another application&#151;for example, when Netscape 6 needs to store or access your email password. You can set or change your personal security password from the Certificates tab in Personal Security Manager. Each security device requires a separate Personal Security Password. See also <a href="glossary.html#1015387">private key</a>, <a href="glossary.html#1032598">master key</a>.<P>
</A>
<A NAME="PKCS #11"></A><A NAME="1025194">
<B>PKCS #11.</B>&nbsp;
</A><A NAME="1025195">
The public-key cryptography standard that governs security devices such as smart cards. See also <a href="glossary.html#1028962">security device</a>, <a href="glossary.html#1027625">smart card</a>.<P>
</A>
<A NAME="PKCS #11 module"></A><A NAME="1025197">
<B>PKCS #11 module.</B>&nbsp;
</A><A NAME="1025271">
A program on your computer that manages cryptographic services such as encryption and decryption using the PKCS #11 standard. PKCS #11 modules (also called <I>cryptographic modules</I>, <I>cryptographic service providers,</I> or <I>security modules</I>) can be thought of as drivers for cryptographic devices that can be implemented in either hardware or software. A PKCS #11 module always controls one or more slots<B>,</B> which may be implemented as physical hardware slots in some form of physical reader (for example, for smart cards) or as conceptual slots in software. Each slot for a PKCS #11 module can in turn contain a <a href="glossary.html#1028962">security device</a> (also called <I>token</I>)<B>,</B> which is the hardware or software device that actually provides cryptographic services and optionally stores certificates and keys. Personal Security Manager provides a built-in PKCS #11 module. You may install additional modules on your computer to control smart card readers or other hardware devices.<P>
</A>
<A NAME="portable security password"></A><A NAME="1024655">
<B>portable security password.</B>&nbsp;
</A><A NAME="1024670">
A password that protects a certificate that you are backing up or have previously backed up. Personal Security Manager asks you to set this password when you back up a certificate, and requests it when you attempt to restore a certificate that has previously been backed up. <P>
</A>
<A NAME="private key"></A><A NAME="1015387">
<B>private key.</B>&nbsp;
</A><A NAME="1015391">
One of a pair of keys used in public-key cryptography. The private key is kept secret and is used to decrypt data that has been encrypted with the corresponding public key.<P>
</A>
<A NAME="PSM Private Keys security device"></A><A NAME="1032045">
<B>PSM Private Keys security device.</B>&nbsp;
</A><A NAME="1032110">
The default <a href="glossary.html#1028962">security device</a> used by Personal Security Manager to store private keys associated with your certificates. In addition to private keys, the PSM Private Keys security device stores the master key used by Netscape 6 to encrypt email passwords, web site passwords, and other sensitive information. See also <a href="glossary.html#1015387">private key</a>, <a href="glossary.html#1032598">master key</a>.<P>
</A>
<A NAME="public key"></A><A NAME="1019172">
<B>public key.</B>&nbsp;
</A><A NAME="1019173">
One of a pair of keys used in public-key cryptography. The public key is distributed freely and published as part of a <a href="glossary.html#1018895">certificate</a>. It is typically used to encrypt data sent to the public key's owner, who then decrypts the data with the corresponding private key.<P>
</A>
<A NAME="public-key cryptography"></A><A NAME="1019178">
<B>public-key cryptography.</B>&nbsp;
</A><A NAME="1023765">
A set of well-established techniques and standards that allow an entity (such as a person, an organization, or hardware such as a router) to verify its identity electronically or to sign and encrypt electronic data. Two keys are involved: a <a href="glossary.html#1019172">public key</a> and a <a href="glossary.html#1015387">private key</a>. The public key is published as part of a <a href="glossary.html#1018895">certificate</a>, which associates that key with a particular identity. The corresponding private key is kept secret. Data encrypted with the public key can be decrypted only with the private key. <P>
</A>
<A NAME="public-key infrastructure (PKI)"></A><A NAME="999412">
<B>public-key infrastructure (PKI).</B>&nbsp;
</A><A NAME="1014263">
The standards and services that facilitate the use of public-key cryptography and certificates in a networked environment.<P>
</A>
<A NAME="root CA"></A><A NAME="1015631">
<B>root CA.</B>&nbsp;
</A><A NAME="1015635">
The <a href="glossary.html#1020903">certificate authority (CA)</a> with a self-signed certificate at the top of a <a href="glossary.html#1018500">certificate chain</a>. See also <a href="glossary.html#999541">subordinate CA</a>.<P>
</A>
<A NAME="Secure Sockets Layer (SSL)"></A><A NAME="999463">
<B>Secure Sockets Layer (SSL).</B>&nbsp;
</A><A NAME="999472">
A protocol that allows mutual authentication between a <a href="glossary.html#1029510">client</a> and a <a href="glossary.html#1029749">server</a> for the purpose of establishing an authenticated and encrypted connection. SSL runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network protocols. The new Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL. See also <a href="glossary.html#998782">authentication</a>, <a href="glossary.html#999078">encryption</a>.<P>
</A>
<A NAME="security certificate"></A><A NAME="1028900">
<B>security certificate.</B>&nbsp;
</A><A NAME="1028904">
See <a href="glossary.html#1018895">certificate</a>.<P>
</A>
<A NAME="security device"></A><A NAME="1028962">
<B>security device.</B>&nbsp;
</A><A NAME="1028963">
A hardware or software device that provides cryptographic services such as encryption and decryption and can store certificates and keys. A smart card is one example of a hardware security device. Personal Security Manager contains its own internal security device, called the <a href="glossary.html#1032045">PSM Private Keys security device</a>, that is implemented in software. Each security device is protected by its own <a href="glossary.html#1032744">Personal Security Password</a>.<P>
</A>
<A NAME="security module"></A><A NAME="1029083">
<B>security module.</B>&nbsp;
</A><A NAME="1029097">
See <a href="glossary.html#1025197">PKCS #11 module</a>.<P>
</A>
<A NAME="security token"></A><A NAME="1028905">
<B>security token.</B>&nbsp;
</A><A NAME="1028909">
See <a href="glossary.html#1028962">security device</a>.<P>
</A>
<A NAME="server"></A><A NAME="1029749">
<B>server.</B>&nbsp;
</A><A NAME="1029869">
Software (such as software that serves up web pages) that receives requests from and sends information to a <a href="glossary.html#1029510">client</a>, which is usually running on a different computer. A computer on which server software runs is also described as a server.<P>
</A>
<A NAME="server authentication"></A><A NAME="1031070">
<B>server authentication.</B>&nbsp;
</A><A NAME="1031080">
The process of identifying a <a href="glossary.html#1029749">server</a> to a <a href="glossary.html#1029510">client</a> by using a <a href="glossary.html#1029874">server SSL certificate</a>. See also <a href="glossary.html#1021054">client authentication</a>, <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>.<P>
</A>
<A NAME="server SSL certificate"></A><A NAME="1029874">
<B>server SSL certificate.</B>&nbsp;
</A><A NAME="999500">
A certificate that a <a href="glossary.html#1029749">server</a> presents to a <a href="glossary.html#1029510">client</a> to authenticate the server's identity using the <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a> protocol.<P>
</A>
<A NAME="signing certificate"></A><A NAME="999493">
<B>signing certificate.</B>&nbsp;
</A><A NAME="999507">
A certificate whose corresponding <a href="glossary.html#1015387">private key</a> is used to sign transmitted data, so that the receiver can verify the identity of the sender. Certificate authorities (CAs) often issue a signing certificate that will be used to sign email messages at the same time as an <a href="glossary.html#1024953">encryption certificate</a> that will be used to encrypt email messages. See also <a href="glossary.html#1020489">dual key pairs</a>, <a href="glossary.html#1013995">digital signature</a>.<P>
</A>
<A NAME="signing key"></A><A NAME="1021282">
<B>signing key.</B>&nbsp;
</A><A NAME="1021283">
A private key used for signing only. A signing key and its equivalent public key, together with an <a href="glossary.html#1021254">encryption key</a> and its equivalent public key, constitute <a href="glossary.html#1020489">dual key pairs</a>.<P>
</A>
<A NAME="slot"></A><A NAME="1025218">
<B>slot.</B>&nbsp;
</A><A NAME="1025222">
A piece of hardware, or its equivalent in software, that is controlled by a <a href="glossary.html#1025197">PKCS #11 module</a> and designed to contain a <a href="glossary.html#1028962">security device</a>. <P>
</A>
<A NAME="smart card"></A><A NAME="1027625">
<B>smart card.</B>&nbsp;
</A><A NAME="1027626">
A small device, typically about the size of a credit card, that contains a microprocessor and is capable of storing cryptographic information (such as keys and certificates) and performing cryptographic operations. Smart cards use the <a href="glossary.html#1025194">PKCS #11</a> standard. A smart card is one kind of <a href="glossary.html#1028962">security device</a>. <P>
</A>
<A NAME="spoofing"></A><A NAME="1014366">
<B>spoofing.</B>&nbsp;
</A><A NAME="1014367">
Pretending to be someone else. For example, a person can pretend to have the email address <FONT FACE="courier, courier new, monospace">jdoe@mozilla.com</FONT>, or a computer can identify itself as a site called <FONT FACE="courier, courier new, monospace">www.mozilla.com</FONT> when it is not. Spoofing is one form of <a href="glossary.html#1014057">misrepresentation</a>.<P>
</A>
<A NAME="SSL"></A><A NAME="999533">
<B>SSL.</B>&nbsp;
</A><A NAME="999539">
See <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>. <P>
</A>
<A NAME="subject"></A><A NAME="1013880">
<B>subject.</B>&nbsp;
</A><A NAME="1013881">
The entity (such as a person, organization, or router) identified by a <a href="glossary.html#1018895">certificate</a>. In particular, the subject field of a certificate contains the certified entity's <a href="glossary.html#1021328">subject name</a> and other characteristics.<P>
</A>
<A NAME="subject name"></A><A NAME="1021328">
<B>subject name.</B>&nbsp;
</A><A NAME="1021338">
A <a href="glossary.html#1022191">distinguished name (DN)</a> that uniquely describes the <a href="glossary.html#1013880">subject</a> of a <a href="glossary.html#1018895">certificate</a>.<P>
</A>
<A NAME="subordinate CA"></A><A NAME="999541">
<B>subordinate CA.</B>&nbsp;
</A><A NAME="999591">
A <a href="glossary.html#1020903">certificate authority (CA)</a> whose certificate is signed by another subordinate CA or by the root CA. See also <a href="glossary.html#1018500">certificate chain</a>, <a href="glossary.html#1015631">root CA</a>.<P>
</A>
<A NAME="symmetric encryption"></A><A NAME="999604">
<B>symmetric encryption.</B>&nbsp;
</A><A NAME="999625">
An encryption method that uses a single cryptographic key to both encrypt and decrypt a given message.<P>
</A>
<A NAME="tamper detection"></A><A NAME="999618">
<B>tamper detection.</B>&nbsp;
</A><A NAME="999631">
A mechanism ensuring that data received in electronic form has not been tampered with; that is, that the data received corresponds entirely with the original version of the same data.<P>
</A>
<A NAME="TLS"></A><A NAME="1027427">
<B>TLS.</B>&nbsp;
</A><A NAME="1027428">
See <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>.<P>
</A>
<A NAME="token"></A><A NAME="1024528">
<B>token.</B>&nbsp;
</A><A NAME="1024586">
See <a href="glossary.html#1028962">security device</a>.<P>
</A>
<A NAME="trust"></A><A NAME="1019748">
<B>trust.</B>&nbsp;
</A><A NAME="1020186">
Confident reliance on a person or other entity. In the context of <a href="glossary.html#999412">public-key infrastructure (PKI)</a>, trust usually refers to the relationship between the user of a certificate and the <a href="glossary.html#1020903">certificate authority (CA)</a> that issued the certificate. If you use Personal Security Manager to specify that you trust a CA, Personal Security Manager trusts valid certificates issued by that CA unless you specify otherwise in the settings for individual certificates. You use the Authorities panel of the Certificates tab in Personal Security Manager to specify the kinds of certificates you trust or don't trust different CAs to issue. <P>
</A>
<A NAME="1028719">
<B></B><a href="glossary.html#1028962"></a><P>
</A>
</dl>
<BR>
&copy; Copyright 2000 Netscape Communications Corporation
</FONT> </CENTER>
<BR>
</BODY>
</HTML>

383
extensions/help/resources/locale/en-US/glossary.xhtml Normal file
View File

@ -0,0 +1,383 @@
<html><head>
<title></title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</HEAD>
</P>
<h1><A NAME="
"></A><A NAME="996904">
Glossary
</A></h1><dl>
<A NAME="authentication"></A><A NAME="998782">
<B>authentication.</B>&nbsp;
</A><A NAME="1013907">
Assurance that a party to a computerized transaction is not an impostor. Authentication typically involves the use of a password, certificate, personal identification number (PIN), or other information that can be used to validate identity over a computer network. See also <a href="glossary.html#1014123">password-based authentication</a>, <a href="glossary.html#1018581">certificate-based authentication</a>, <a href="glossary.html#1021054">client authentication</a>, <a href="glossary.html#1031070">server authentication</a>.<P>
</A>
<A NAME="CA"></A><A NAME="1021395">
<B>CA.</B>&nbsp;
</A><A NAME="1021418">
See <a href="glossary.html#1020903"></a><a href="glossary.html#1020903">certificate authority (CA)</a>.<P>
</A>
<A NAME="CA certificate"></A><A NAME="1017503">
<B>CA certificate.</B>&nbsp;
</A><A NAME="1017507">
A certificate that identifies a certificate authority. See also <a href="glossary.html#1020903">certificate authority (CA)</a>, <a href="glossary.html#999541">subordinate CA</a>, <a href="glossary.html#1015631">root CA</a>.<P>
</A>
<A NAME="certificate"></A><A NAME="1018895">
<B>certificate.</B>&nbsp;
</A><A NAME="1018896">
The digital equivalent of an ID card. A certificate specifies the name of an individual, company, or other entity and certifies that a public key, which is included in the certificate, belongs to that entity. When you digitally sign a message or other data, the digital signature for that message is created with the aid of the private key that corresponds to the public key in your certificate. A certificate is issued and digitally signed by a <a href="glossary.html#1020903">certificate authority (CA)</a>. A certificate's validity can be verified by checking the CA's <a href="glossary.html#1013995">digital signature</a>. Also called digital ID, digital passport, public-key certificate X.509 certificate, and security certificate. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="certificate authority (CA)"></A><A NAME="1020903">
<B>certificate authority (CA).</B>&nbsp;
</A><A NAME="1020904">
A service that issues a certificate after verifying the identity of the person or entity the certificate is intended to identify. A CA also renews and revokes certificates and generates a list of revoked certificates at regular intervals. CAs can be independent vendors (such as the CAs listed at <a href= "https://certs.netscape.com/client.html" TARGET="_blank">Certificate Authority Services</a>) or a person or organization using certificate-issuing server software (such as Netscape Certificate Management System). See also <a href="glossary.html#1018895">certificate</a>, <a href="glossary.html#1019940">certificate revocation list (CRL)</a>.<P>
</A>
<A NAME="certificate-based authentication"></A><A NAME="1018581">
<B>certificate-based authentication.</B>&nbsp;
</A><A NAME="1018582">
Verification of identity based on certificates and public-key cryptography. See also <a href="glossary.html#1014123">password-based authentication</a>.<P>
</A>
<A NAME="certificate chain"></A><A NAME="1018500">
<B>certificate chain.</B>&nbsp;
</A><A NAME="1019929">
A hierarchical series of certificates signed by successive certificate authorities. A CA certificate identifies a <a href="glossary.html#1020903">certificate authority (CA)</a> and is used to sign certificates issued by that authority. A CA certificate can in turn be signed by the CA certificate of a parent CA and so on up to a <a href="glossary.html#1015631">root CA</a>. <P>
</A>
<A NAME="certificate fingerprint"></A><A NAME="1020297">
<B>certificate fingerprint.</B>&nbsp;
</A><A NAME="1020326">
A unique number associated with a certificate. The number is not part of the certificate itself but is produced by applying a mathematical function to the contents of the certificate. If the contents of the certificate change, even by a single character, the function produces a different number. Certificate fingerprints can therefore be used to verify that certificates have not been tampered with.<P>
</A>
<A NAME="certificate renewal"></A><A NAME="1031319">
<B>certificate renewal.</B>&nbsp;
</A><A NAME="1031323">
The process of renewing a <a href="glossary.html#1018895">certificate</a> that is about to expire.<P>
</A>
<A NAME="certificate revocation list (CRL)"></A><A NAME="1019940">
<B>certificate revocation list (CRL).</B>&nbsp;
</A><A NAME="1021047">
A list of revoked certificates that is generated and signed by a <a href="glossary.html#1020903">certificate authority (CA)</a>. You can download the latest CRL to your browser or to a server, then check against it to make sure that certificates are still valid before permitting their use for authentication. <P>
</A>
<A NAME="certificate store"></A><A NAME="1023462">
<B>certificate store.</B>&nbsp;
</A><A NAME="1032978">
The collection of certificates, or electronic IDs, maintained by Personal Security Manager on your behalf. These include your own certificates stored on one or more security devices, other people's certificates, web site certificates, and <a href="glossary.html#1020903"></a>CA certificates. See also <a href="glossary.html#1020903">certificate authority (CA)</a>, <a href="glossary.html#1018895">certificate</a>, <a href="glossary.html#1028962">security device</a>.<P>
</A>
<A NAME="certificate verification"></A><A NAME="1025527">
<B>certificate verification.</B>&nbsp;
</A><A NAME="1025531">
When Personal Security Manager verifies a certificate, it confirms that the digital signature was created by a CA whose own CA certificate is both present in the certificate store and marked as trusted for issuing that kind of certificate. It also confirms that the certificate being verified has not been marked as untrusted in the certificate store. Finally, if the <a href="glossary.html#1029304">Online Certificate Status Protocol (OCSP)</a> has been activated (from the Options panel under the Advanced tab), Personal Security Manager also performs an on-line check. It does so by looking up the certificate in a list of valid certificates maintained at a URL that is specified either in the certificate itself or in the OCSP Settings window. If any of these checks fail, Personal Security Manager marks the certificate as unverified and won't recognize the identity it certifies.<P>
</A>
<A NAME="cipher"></A><A NAME="1021048">
<B>cipher.</B>&nbsp;
</A><A NAME="1021052">
See <a href="glossary.html#1019976">cryptographic algorithm</a>.<P>
</A>
<A NAME="client"></A><A NAME="1029510">
<B>client.</B>&nbsp;
</A><A NAME="1029547">
Software (such as browser software) that sends requests to and receives information from a <a href="glossary.html#1029749">server</a>, which is usually running on a different computer. A computer on which client software runs is also described as a client.<P>
</A>
<A NAME="client authentication"></A><A NAME="1021054">
<B>client authentication.</B>&nbsp;
</A><A NAME="1014557">
The process of identifying a <a href="glossary.html#1029510">client</a> to a <a href="glossary.html#1029749">server</a>, for example with a name and password or with a <a href="glossary.html#1014561">client SSL certificate</a> and some digitally signed data. See also <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>, <a href="glossary.html#1031070">server authentication</a>.<P>
</A>
<A NAME="client SSL certificate"></A><A NAME="1014561">
<B>client SSL certificate.</B>&nbsp;
</A><A NAME="1014562">
A certificate that a <a href="glossary.html#1029510">client</a> (for example, browser software such as Netscape Communicator) presents to a <a href="glossary.html#1029749">server</a> to authenticate the identity of the client (or the identity of the person using the client) using the <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a> protocol. See also <a href="glossary.html#1021054">client authentication</a>.<P>
</A>
<A NAME="cryptographic algorithm"></A><A NAME="1019976">
<B>cryptographic algorithm.</B>&nbsp;
</A><A NAME="1019985">
A set of rules or directions used to perform cryptographic operations such as <a href="glossary.html#999078">encryption</a> and <a href="glossary.html#998999">decryption</a>. Sometimes called a <I>cipher.</I><P>
</A>
<A NAME="cryptography"></A><A NAME="1026002">
<B>cryptography.</B>&nbsp;
</A><A NAME="1026018">
The art and practice of scrambling (encrypting) and unscrambling (decrypting) information. For example, cryptographic techniques are used to scramble an unscramble information flowing between commercial web sites and your browser. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="decryption"></A><A NAME="998999">
<B>decryption.</B>&nbsp;
</A><A NAME="999005">
The process of unscrambling data that has been encrypted. See also <a href="glossary.html#999078">encryption</a>.<P>
</A>
<A NAME="digital ID"></A><A NAME="999011">
<B>digital ID.</B>&nbsp;
</A><A NAME="999017">
See <a href="glossary.html#1018895">certificate</a>.<P>
</A>
<A NAME="digital signature"></A><A NAME="1013995">
<B>digital signature.</B>&nbsp;
</A><A NAME="1013996">
A code created from both the data to be signed and the private key of the signer. This code is unique for each new piece of data. Even a single comma added to a message changes the digital signature for that message. Successful validation of your digital signature by appropriate software not only provides evidence that you approved the transaction or message, but also provides evidence that the data has not changed since you digitally signed it. A digital signature has nothing to do with a handwritten signature, although it can sometimes be used for similar legal purposes. See also <a href="glossary.html#999248">nonrepudiation</a>, <a href="glossary.html#999618">tamper detection</a>.<P>
</A>
<A NAME="distinguished name (DN)"></A><A NAME="1022191">
<B>distinguished name (DN).</B>&nbsp;
</A><A NAME="1022194">
A specially formatted name that uniquely identifies the subject of a certificate.<P>
</A>
<A NAME="dual key pairs"></A><A NAME="1020489">
<B>dual key pairs.</B>&nbsp;
</A><A NAME="1020619">
Two public-private key pairs--four keys altogether--corresponding to two separate certificates. The private key of one pair is used for signing operations, and the public and private keys of the other pair are used for encryption and decryption operations. Each pair corresponds to a separate <a href="glossary.html#1018895">certificate</a>. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="eavesdropping"></A><A NAME="1020620">
<B>eavesdropping.</B>&nbsp;
</A><A NAME="1013975">
Surreptitious interception of information sent over a network by an entity for which the information is not intended.<P>
</A>
<A NAME="encryption"></A><A NAME="999078">
<B>encryption.</B>&nbsp;
</A><A NAME="1024038">
The process of scrambling information in a way that disguises its meaning. For example, encrypted connections between computers make it very difficult for third-parties to unscramble, or <I>decrypt,</I> information flowing over the connection. Encrypted information can be decrypted only by someone who possesses the appropriate key. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="encryption certificate"></A><A NAME="1024953">
<B>encryption certificate.</B>&nbsp;
</A><A NAME="1024978">
A certificate whose public key corresponds to a private key used for encryption only. Encryption certificates are not used for signing operations. See also <a href="glossary.html#1020489">dual key pairs</a>, <a href="glossary.html#999493">signing certificate</a>.<P>
</A>
<A NAME="encryption key"></A><A NAME="1021254">
<B>encryption key.</B>&nbsp;
</A><A NAME="1021255">
A private key used for encryption only. An encryption key and its equivalent public key, plus a <a href="glossary.html#1021282">signing key</a> and its equivalent public key, constitute a <a href="glossary.html#1020489">dual key pairs</a>.<P>
</A>
<A NAME="fingerprint"></A><A NAME="1020434">
<B>fingerprint.</B>&nbsp;
</A><A NAME="1020450">
See <a href="glossary.html#1020297">certificate fingerprint</a>.<P>
</A>
<A NAME="FIPS PUBS 140-1"></A><A NAME="1025742">
<B>FIPS PUBS 140-1.</B>&nbsp;
</A><A NAME="1025743">
Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic modules--that is, hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). Many products sold to the US government must comply with one or more of the FIPS standards.<P>
</A>
<A NAME="key"></A><A NAME="999203">
<B>key.</B>&nbsp;
</A><A NAME="999212">
A large number used by a <a href="glossary.html#1019976">cryptographic algorithm</a> to encrypt or decrypt data. A person's public key, for example, allows other people to encrypt messages to that person. The encrypted messages must be decrypted with the corresponding private key. See also <a href="glossary.html#1019178">public-key cryptography</a>.<P>
</A>
<A NAME="Lightweight Directory Access Protocol (LDAP)"></A><A NAME="1022286">
<B>Lightweight Directory Access Protocol (LDAP).</B>&nbsp;
</A><A NAME="1022287">
A protocol for accessing directory services across multiple platforms. LDAP is a simplified version of Directory Access Protocol (DAP), used to access X.500 directories. <P>
</A>
<A NAME="master key"></A><A NAME="1032598">
<B>master key.</B>&nbsp;
</A><A NAME="1032639">
A symmetric key used by Personal Security Manager to encrypt information on behalf of other applications. For example, Netscape 6 uses Personal Security Manager and your master key to encrypt email passwords, web site passwords, and other stored sensitive information. See also <a href="glossary.html#999604">symmetric encryption</a>.<P>
</A>
<A NAME="misrepresentation"></A><A NAME="1014057">
<B>misrepresentation.</B>&nbsp;
</A><A NAME="1014058">
Presentation of an entity as a person or organization that it is not. For example, a web site might pretend to be a furniture store when it is really just a site that takes credit card payments but never sends any goods. See also <a href="glossary.html#1014366">spoofing</a>.<P>
</A>
<A NAME="Netscape Certificate Management System"></A><A NAME="1018306">
<B>Netscape Certificate Management System.</B>&nbsp;
</A><A NAME="1018308">
A highly configurable set of software components and tools for creating, deploying, and managing certificates. You enroll with the system to obtain certificates of all kinds; the system maintains information about the certificates it issues.<P>
</A>
<A NAME="nonrepudiation"></A><A NAME="999248">
<B>nonrepudiation.</B>&nbsp;
</A><A NAME="999254">
The inability, of the sender of a message, to deny having sent the message. A regular hand-written signature provides one form of nonrepudiation. A <a href="glossary.html#1013995">digital signature</a> provides another.<P>
</A>
<A NAME="object signing"></A><A NAME="1014095">
<B>object signing.</B>&nbsp;
</A><A NAME="1014096">
A technology that allows software developers to sign Java code, JavaScript scripts, or any kind of file, and that allows users to identify the signers and control access by signed code to local system resources.<P>
</A>
<A NAME="object-signing certificate"></A><A NAME="1014097">
<B>object-signing certificate.</B>&nbsp;
</A><A NAME="1014098">
A certificate whose corresponding private key is used to sign objects such as code files. See also <a href="glossary.html#1014095">object signing</a>.<P>
</A>
<A NAME="Online Certificate Status Protocol (OCSP)"></A><A NAME="1029304">
<B>Online Certificate Status Protocol (OCSP).</B>&nbsp;
</A><A NAME="1029312">
A set of rules that Personal Security Manager follows to perform an online check of an email certificate's validity each time the certificate is used. This process involves checking the certificate against a list of valid certificates maintained at a specified web site. Your computer must be online for OCSP to work.<P>
</A>
<A NAME="password-based authentication"></A><A NAME="1014123">
<B>password-based authentication.</B>&nbsp;
</A><A NAME="1014124">
Confident identification by means of a name and password. See also <a href="glossary.html#998782">authentication</a>.<P>
</A>
<A NAME="Personal Security Password"></A><A NAME="1032744">
<B>Personal Security Password.</B>&nbsp;
</A><A NAME="1032748">
A password used by Personal Security Manager to protect the master key and/or private keys stored on a <a href="glossary.html#1028962">security device</a>. Personal Security Manager needs to access your private keys, for example, when you sign email messages or use one of your own certificates to identify yourself to a web site. It needs to access your master key when it encrypts or decrypts information on behalf of another application&#151;for example, when Netscape 6 needs to store or access your email password. You can set or change your personal security password from the Certificates tab in Personal Security Manager. Each security device requires a separate Personal Security Password. See also <a href="glossary.html#1015387">private key</a>, <a href="glossary.html#1032598">master key</a>.<P>
</A>
<A NAME="PKCS #11"></A><A NAME="1025194">
<B>PKCS #11.</B>&nbsp;
</A><A NAME="1025195">
The public-key cryptography standard that governs security devices such as smart cards. See also <a href="glossary.html#1028962">security device</a>, <a href="glossary.html#1027625">smart card</a>.<P>
</A>
<A NAME="PKCS #11 module"></A><A NAME="1025197">
<B>PKCS #11 module.</B>&nbsp;
</A><A NAME="1025271">
A program on your computer that manages cryptographic services such as encryption and decryption using the PKCS #11 standard. PKCS #11 modules (also called <I>cryptographic modules</I>, <I>cryptographic service providers,</I> or <I>security modules</I>) can be thought of as drivers for cryptographic devices that can be implemented in either hardware or software. A PKCS #11 module always controls one or more slots<B>,</B> which may be implemented as physical hardware slots in some form of physical reader (for example, for smart cards) or as conceptual slots in software. Each slot for a PKCS #11 module can in turn contain a <a href="glossary.html#1028962">security device</a> (also called <I>token</I>)<B>,</B> which is the hardware or software device that actually provides cryptographic services and optionally stores certificates and keys. Personal Security Manager provides a built-in PKCS #11 module. You may install additional modules on your computer to control smart card readers or other hardware devices.<P>
</A>
<A NAME="portable security password"></A><A NAME="1024655">
<B>portable security password.</B>&nbsp;
</A><A NAME="1024670">
A password that protects a certificate that you are backing up or have previously backed up. Personal Security Manager asks you to set this password when you back up a certificate, and requests it when you attempt to restore a certificate that has previously been backed up. <P>
</A>
<A NAME="private key"></A><A NAME="1015387">
<B>private key.</B>&nbsp;
</A><A NAME="1015391">
One of a pair of keys used in public-key cryptography. The private key is kept secret and is used to decrypt data that has been encrypted with the corresponding public key.<P>
</A>
<A NAME="PSM Private Keys security device"></A><A NAME="1032045">
<B>PSM Private Keys security device.</B>&nbsp;
</A><A NAME="1032110">
The default <a href="glossary.html#1028962">security device</a> used by Personal Security Manager to store private keys associated with your certificates. In addition to private keys, the PSM Private Keys security device stores the master key used by Netscape 6 to encrypt email passwords, web site passwords, and other sensitive information. See also <a href="glossary.html#1015387">private key</a>, <a href="glossary.html#1032598">master key</a>.<P>
</A>
<A NAME="public key"></A><A NAME="1019172">
<B>public key.</B>&nbsp;
</A><A NAME="1019173">
One of a pair of keys used in public-key cryptography. The public key is distributed freely and published as part of a <a href="glossary.html#1018895">certificate</a>. It is typically used to encrypt data sent to the public key's owner, who then decrypts the data with the corresponding private key.<P>
</A>
<A NAME="public-key cryptography"></A><A NAME="1019178">
<B>public-key cryptography.</B>&nbsp;
</A><A NAME="1023765">
A set of well-established techniques and standards that allow an entity (such as a person, an organization, or hardware such as a router) to verify its identity electronically or to sign and encrypt electronic data. Two keys are involved: a <a href="glossary.html#1019172">public key</a> and a <a href="glossary.html#1015387">private key</a>. The public key is published as part of a <a href="glossary.html#1018895">certificate</a>, which associates that key with a particular identity. The corresponding private key is kept secret. Data encrypted with the public key can be decrypted only with the private key. <P>
</A>
<A NAME="public-key infrastructure (PKI)"></A><A NAME="999412">
<B>public-key infrastructure (PKI).</B>&nbsp;
</A><A NAME="1014263">
The standards and services that facilitate the use of public-key cryptography and certificates in a networked environment.<P>
</A>
<A NAME="root CA"></A><A NAME="1015631">
<B>root CA.</B>&nbsp;
</A><A NAME="1015635">
The <a href="glossary.html#1020903">certificate authority (CA)</a> with a self-signed certificate at the top of a <a href="glossary.html#1018500">certificate chain</a>. See also <a href="glossary.html#999541">subordinate CA</a>.<P>
</A>
<A NAME="Secure Sockets Layer (SSL)"></A><A NAME="999463">
<B>Secure Sockets Layer (SSL).</B>&nbsp;
</A><A NAME="999472">
A protocol that allows mutual authentication between a <a href="glossary.html#1029510">client</a> and a <a href="glossary.html#1029749">server</a> for the purpose of establishing an authenticated and encrypted connection. SSL runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network protocols. The new Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL. See also <a href="glossary.html#998782">authentication</a>, <a href="glossary.html#999078">encryption</a>.<P>
</A>
<A NAME="security certificate"></A><A NAME="1028900">
<B>security certificate.</B>&nbsp;
</A><A NAME="1028904">
See <a href="glossary.html#1018895">certificate</a>.<P>
</A>
<A NAME="security device"></A><A NAME="1028962">
<B>security device.</B>&nbsp;
</A><A NAME="1028963">
A hardware or software device that provides cryptographic services such as encryption and decryption and can store certificates and keys. A smart card is one example of a hardware security device. Personal Security Manager contains its own internal security device, called the <a href="glossary.html#1032045">PSM Private Keys security device</a>, that is implemented in software. Each security device is protected by its own <a href="glossary.html#1032744">Personal Security Password</a>.<P>
</A>
<A NAME="security module"></A><A NAME="1029083">
<B>security module.</B>&nbsp;
</A><A NAME="1029097">
See <a href="glossary.html#1025197">PKCS #11 module</a>.<P>
</A>
<A NAME="security token"></A><A NAME="1028905">
<B>security token.</B>&nbsp;
</A><A NAME="1028909">
See <a href="glossary.html#1028962">security device</a>.<P>
</A>
<A NAME="server"></A><A NAME="1029749">
<B>server.</B>&nbsp;
</A><A NAME="1029869">
Software (such as software that serves up web pages) that receives requests from and sends information to a <a href="glossary.html#1029510">client</a>, which is usually running on a different computer. A computer on which server software runs is also described as a server.<P>
</A>
<A NAME="server authentication"></A><A NAME="1031070">
<B>server authentication.</B>&nbsp;
</A><A NAME="1031080">
The process of identifying a <a href="glossary.html#1029749">server</a> to a <a href="glossary.html#1029510">client</a> by using a <a href="glossary.html#1029874">server SSL certificate</a>. See also <a href="glossary.html#1021054">client authentication</a>, <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>.<P>
</A>
<A NAME="server SSL certificate"></A><A NAME="1029874">
<B>server SSL certificate.</B>&nbsp;
</A><A NAME="999500">
A certificate that a <a href="glossary.html#1029749">server</a> presents to a <a href="glossary.html#1029510">client</a> to authenticate the server's identity using the <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a> protocol.<P>
</A>
<A NAME="signing certificate"></A><A NAME="999493">
<B>signing certificate.</B>&nbsp;
</A><A NAME="999507">
A certificate whose corresponding <a href="glossary.html#1015387">private key</a> is used to sign transmitted data, so that the receiver can verify the identity of the sender. Certificate authorities (CAs) often issue a signing certificate that will be used to sign email messages at the same time as an <a href="glossary.html#1024953">encryption certificate</a> that will be used to encrypt email messages. See also <a href="glossary.html#1020489">dual key pairs</a>, <a href="glossary.html#1013995">digital signature</a>.<P>
</A>
<A NAME="signing key"></A><A NAME="1021282">
<B>signing key.</B>&nbsp;
</A><A NAME="1021283">
A private key used for signing only. A signing key and its equivalent public key, together with an <a href="glossary.html#1021254">encryption key</a> and its equivalent public key, constitute <a href="glossary.html#1020489">dual key pairs</a>.<P>
</A>
<A NAME="slot"></A><A NAME="1025218">
<B>slot.</B>&nbsp;
</A><A NAME="1025222">
A piece of hardware, or its equivalent in software, that is controlled by a <a href="glossary.html#1025197">PKCS #11 module</a> and designed to contain a <a href="glossary.html#1028962">security device</a>. <P>
</A>
<A NAME="smart card"></A><A NAME="1027625">
<B>smart card.</B>&nbsp;
</A><A NAME="1027626">
A small device, typically about the size of a credit card, that contains a microprocessor and is capable of storing cryptographic information (such as keys and certificates) and performing cryptographic operations. Smart cards use the <a href="glossary.html#1025194">PKCS #11</a> standard. A smart card is one kind of <a href="glossary.html#1028962">security device</a>. <P>
</A>
<A NAME="spoofing"></A><A NAME="1014366">
<B>spoofing.</B>&nbsp;
</A><A NAME="1014367">
Pretending to be someone else. For example, a person can pretend to have the email address <FONT FACE="courier, courier new, monospace">jdoe@mozilla.com</FONT>, or a computer can identify itself as a site called <FONT FACE="courier, courier new, monospace">www.mozilla.com</FONT> when it is not. Spoofing is one form of <a href="glossary.html#1014057">misrepresentation</a>.<P>
</A>
<A NAME="SSL"></A><A NAME="999533">
<B>SSL.</B>&nbsp;
</A><A NAME="999539">
See <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>. <P>
</A>
<A NAME="subject"></A><A NAME="1013880">
<B>subject.</B>&nbsp;
</A><A NAME="1013881">
The entity (such as a person, organization, or router) identified by a <a href="glossary.html#1018895">certificate</a>. In particular, the subject field of a certificate contains the certified entity's <a href="glossary.html#1021328">subject name</a> and other characteristics.<P>
</A>
<A NAME="subject name"></A><A NAME="1021328">
<B>subject name.</B>&nbsp;
</A><A NAME="1021338">
A <a href="glossary.html#1022191">distinguished name (DN)</a> that uniquely describes the <a href="glossary.html#1013880">subject</a> of a <a href="glossary.html#1018895">certificate</a>.<P>
</A>
<A NAME="subordinate CA"></A><A NAME="999541">
<B>subordinate CA.</B>&nbsp;
</A><A NAME="999591">
A <a href="glossary.html#1020903">certificate authority (CA)</a> whose certificate is signed by another subordinate CA or by the root CA. See also <a href="glossary.html#1018500">certificate chain</a>, <a href="glossary.html#1015631">root CA</a>.<P>
</A>
<A NAME="symmetric encryption"></A><A NAME="999604">
<B>symmetric encryption.</B>&nbsp;
</A><A NAME="999625">
An encryption method that uses a single cryptographic key to both encrypt and decrypt a given message.<P>
</A>
<A NAME="tamper detection"></A><A NAME="999618">
<B>tamper detection.</B>&nbsp;
</A><A NAME="999631">
A mechanism ensuring that data received in electronic form has not been tampered with; that is, that the data received corresponds entirely with the original version of the same data.<P>
</A>
<A NAME="TLS"></A><A NAME="1027427">
<B>TLS.</B>&nbsp;
</A><A NAME="1027428">
See <a href="glossary.html#999463">Secure Sockets Layer (SSL)</a>.<P>
</A>
<A NAME="token"></A><A NAME="1024528">
<B>token.</B>&nbsp;
</A><A NAME="1024586">
See <a href="glossary.html#1028962">security device</a>.<P>
</A>
<A NAME="trust"></A><A NAME="1019748">
<B>trust.</B>&nbsp;
</A><A NAME="1020186">
Confident reliance on a person or other entity. In the context of <a href="glossary.html#999412">public-key infrastructure (PKI)</a>, trust usually refers to the relationship between the user of a certificate and the <a href="glossary.html#1020903">certificate authority (CA)</a> that issued the certificate. If you use Personal Security Manager to specify that you trust a CA, Personal Security Manager trusts valid certificates issued by that CA unless you specify otherwise in the settings for individual certificates. You use the Authorities panel of the Certificates tab in Personal Security Manager to specify the kinds of certificates you trust or don't trust different CAs to issue. <P>
</A>
<A NAME="1028719">
<B></B><a href="glossary.html#1028962"></a><P>
</A>
</dl>
<BR>
&copy; Copyright 2000 Netscape Communications Corporation
</FONT> </CENTER>
<BR>
</BODY>
</HTML>

560
extensions/help/resources/locale/en-US/help-toc.rdf
View File

@ -334,65 +334,597 @@
</nc:subheadings>
</rdf:Description>
<!-- SECURITY HELP CONTENT -->
<!-- PRIVACY HELP CONTENT -->
<rdf:Description about="urn:root">
<nc:subheadings>
<rdf:Seq>
<rdf:li> <rdf:Description ID="security-doc" nc:name="Understanding Privacy" nc:link="chrome://help/locale/security_help.html"/> </rdf:li>
<rdf:li> <rdf:Description ID="privacy-doc" nc:name="Understanding Privacy and Security" nc:link="chrome://help/locale/privacy_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#security-doc">
<rdf:Description about="#privacy-doc">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="security-doc-info" nc:name="How Does a Web Site Gather Information About Me?" nc:link="chrome://help/locale/security_help.html#privacy_gatherinfo"/> </rdf:li>
<rdf:Description ID="privacy-doc-info" nc:name="How Does a Web Site Gather Information About Me?" nc:link="chrome://help/locale/privacy_help.html#privacy_gatherinfo"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#security-doc">
<rdf:Description about="#privacy-doc">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="security-doc-visit" nc:name="What Information Does My Browser Give to a Web Site?" nc:link="chrome://help/locale/security_help.html#privacy_visit"/> </rdf:li>
<rdf:Description ID="privacy-doc-visit" nc:name="What Information Does My Browser Give to a Web Site?" nc:link="chrome://help/locale/privacy_help.html#privacy_visit"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#security-doc">
<rdf:Description about="#privacy-doc">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="security-doc-cookies" nc:name="What Are Cookies, and How Do They Work?" nc:link="chrome://help/locale/security_help.html#privacy_cookies"/> </rdf:li>
<rdf:Description ID="privacy-doc-cookies" nc:name="What Are Cookies, and How Do They Work?" nc:link="chrome://help/locale/privacy_help.html#privacy_cookies"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#security-doc">
<rdf:Description about="#privacy-doc">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="security-doc-unauth" nc:name="How Do I Make Sure Unauthorized People Don't Use Information About Me?" nc:link="chrome://help/locale/security_help.html#privacy_unauth"/> </rdf:li>
<rdf:Description ID="privacy-doc-unauth" nc:name="How Do I Make Sure Unauthorized People Don't Use Information About Me?" nc:link="chrome://help/locale/privacy_help.html#privacy_unauth"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#security-doc">
<rdf:Description about="#privacy-doc">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="security-doc-anon" nc:name="Browsing Anonymously"
nc:link="chrome://help/locale/security_help.html#privacy_anon"/> </rdf:li>
<rdf:Description ID="privacy-doc-anon" nc:name="Browsing Anonymously"
nc:link="chrome://help/locale/privacy_help.html#privacy_anon"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#privacy-doc">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="privacy-doc-certs" nc:name="Understanding Certificates"
nc:link="chrome://help/locale/cert_concepts_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#privacy-doc-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="privacy-doc-certs-issues" nc:name="Internet Security Issues"
nc:link="chrome://help/locale/cert_concepts_help.html#Internet_Security_Issues"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#privacy-doc-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="privacy-doc-certs-encryption" nc:name="Encryption and Decryption"
nc:link="chrome://help/locale/cert_concepts_help.html#Encryption_and_Decryption"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#privacy-doc-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="privacy-doc-certs-crypto" nc:name="Public-Key Cryptography"
nc:link="chrome://help/locale/cert_concepts_help.html#Public-Key_Cryptography"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#privacy-doc-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="privacy-doc-certs-digsig" nc:name="Digital Signatures"
nc:link="chrome://help/locale/cert_concepts_help.html#Digital_Signatures"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#privacy-doc-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="privacy-doc-certs-certs" nc:name="Certificates"
nc:link="chrome://help/locale/cert_concepts_help.html#Certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- USING CONTENT -->
<rdf:Description about="urn:root">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help" nc:name="Using Security and Privacy Features"
nc:link="chrome://help/locale/using_priv_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-cookies" nc:name="Using the Cookie Manager"
nc:link="chrome://help/locale/using_priv_help.html#using_cookies"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-password" nc:name="Using the Password Manager"
nc:link="chrome://help/locale/using_priv_help.html#using_password"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-forms" nc:name="Using the Form Manager"
nc:link="chrome://help/locale/using_priv_help.html#using_forms"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-encrypt" nc:name="Encrypting Stored Sensitive Information"
nc:link="chrome://help/locale/using_priv_help.html#using_encrypt"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-certs" nc:name="Using Certificates"
nc:link="chrome://help/locale/using_certs_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-certs-get" nc:name="Get Your Own Certificate"
nc:link="chrome://help/locale/using_certs_help.html#using_certs_get"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-certs-get" nc:name="Check Security For a Web Page"
nc:link="chrome://help/locale/using_certs_help.html#using_certs_get"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-certs-manage" nc:name="Manage Certificates"
nc:link="chrome://help/locale/using_certs_help.html#using_certs_manage"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-certs-devices" nc:name="Manage Smart Cards and Other Security Devices"
nc:link="chrome://help/locale/using_certs_help.html#using_certs_devices"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-certs-ssl" nc:name="Edit SSL Settings"
nc:link="chrome://help/locale/using_certs_help.html#using_certs_ssl"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#using-help-certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="using-help-certs-validation" nc:name="Edit Validation Settings"
nc:link="chrome://help/locale/using_certs_help.html#using_certs_validation"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- SSL PAGE INFO CONTENT -->
<rdf:Description about="urn:root">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="ssl-page-info-help" nc:name="SSL Page Info"
nc:link="chrome://help/locale/ssl_page_info_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- CERTIFICATE MANAGER CONTENT -->
<rdf:Description about="urn:root">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help" nc:name="Certificate Manager"
nc:link="chrome://help/locale/certs_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- MY CERTIFICATES CONTENT -->
<rdf:Description about="#certs-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-my" nc:name="My Certificates"
nc:link="chrome://help/locale/certs_help.html#My_Certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#certs-help-my">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-my-backup-pwd" nc:name="Choose a Certificate Backup Password"
nc:link="chrome://help/locale/certs_help.html#Choose_a_Certificate_Backup_Password"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#certs-help-my">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-my-delete" nc:name="Delete My Certificate"
nc:link="chrome://help/locale/certs_help.html#Delete_My_Certificate"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- WEB SITE CERTIFICATES CONTENT -->
<rdf:Description about="#certs-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-websites" nc:name="Web Site Certificates"
nc:link="chrome://help/locale/certs_help.html#Web_Site_Certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#certs-help-websites">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-websites-edit" nc:name="Edit Web Site Certificate Settings"
nc:link="chrome://help/locale/certs_help.html#Edit_Web_Site_Certificate_Settings"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#certs-help-websites">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-websites-delete" nc:name="Delete Web Site Certificate"
nc:link="chrome://help/locale/certs_help.html#Delete_Web_Site_Certificate"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- CA CERTIFICATES CONTENT -->
<rdf:Description about="#certs-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-ca" nc:name="CA Certificates"
nc:link="chrome://help/locale/certs_help.html#CA_Certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#certs-help-ca">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-ca-edit" nc:name="Edit CA Certificate Settings"
nc:link="chrome://help/locale/certs_help.html#Edit_CA_Certificate_Settings"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#certs-help-ca">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-ca-delete" nc:name="Delete CA Certificate"
nc:link="chrome://help/locale/certs_help.html#Delete_CA_Certificate"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#certs-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="certs-help-devices" nc:name="Security Devices"
nc:link="chrome://help/locale/certs_help.html#Security_Devices"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- CERTIFICATE INFORMATION AND DECISIONS HELP CONTENT -->
<rdf:Description about="urn:root">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="cert-dialog-help" nc:name="Certificate Information and Decisions"
nc:link="chrome://help/locale/cert_dialog_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#cert-dialog-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="cert-dialog-help-details" nc:name="Certificate Details"
nc:link="chrome://help/locale/cert_dialog_help.html#Certificate_Details"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#cert-dialog-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="cert-dialog-help-choose-device" nc:name="Choose Security Device"
nc:link="chrome://help/locale/cert_dialog_help.html#Choose_Security_Device"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#cert-dialog-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="cert-dialog-help-enroll" nc:name="Enrollment Information"
nc:link="chrome://help/locale/cert_dialog_help.html#Enrollment_Information"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#cert-dialog-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="cert-dialog-help-renewal" nc:name="Certificate Renewal"
nc:link="chrome://help/locale/cert_dialog_help.html#Certificate_Renewal"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#cert-dialog-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="cert-dialog-help-userID" nc:name="User Identification Request"
nc:link="chrome://help/locale/cert_dialog_help.html#User_Identification_Request"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#cert-dialog-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="cert-dialog-help-newCA" nc:name="New Certificate Authority"
nc:link="chrome://help/locale/cert_dialog_help.html#New_Certificate_Authority"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#cert-dialog-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="cert-dialog-help-website" nc:name="Web Site Certificates"
nc:link="chrome://help/locale/cert_dialog_help.html#Web_Site_Certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- PRIVACY AND SECURITY SETTINGS CONTENT -->
<rdf:Description about="urn:root">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="privsec-help" nc:name="Privacy and Security Settings"
nc:link="chrome://help/locale/privsec_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- PASSWORDS CONTENT -->
<rdf:Description about="#privsec-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="passwords-help" nc:name="Password Settings"
nc:link="chrome://help/locale/passwords_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#passwords-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="passwords-help-mgr" nc:name="Password Manager"
nc:link="chrome://help/locale/passwords_help.html#Password_Manager"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#passwords-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="passwords-help-encrypt" nc:name="Encrypting Versus Obscuring"
nc:link="chrome://help/locale/passwords_help.html#Encrypting_Versus_Obscuring"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#passwords-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="passwords-help-timeout" nc:name="Master Password Timeout"
nc:link="chrome://help/locale/passwords_help.html#Master_Password_Timeout"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<rdf:Description about="#passwords-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="passwords-help-master" nc:name="Change Master Password"
nc:link="chrome://help/locale/passwords_help.html#Change_Master_Password"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- SSL SETTINGS CONTENT -->
<rdf:Description about="#privsec-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="ssl-settings" nc:name="SSL Settings"
nc:link="chrome://help/locale/ssl_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- VALIDATION SETTINGS CONTENT -->
<rdf:Description about="#privsec-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="validation" nc:name="Validation Settings"
nc:link="chrome://help/locale/validation_help.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
<!-- GLOSSARY CONTENT -->
<rdf:Description about="urn:root">
<nc:subheadings>
<rdf:Seq>
<rdf:li>
<rdf:Description ID="glossary" nc:name="Glossary"
nc:link="chrome://help/locale/glossary.html"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
</rdf:RDF>

123
extensions/help/resources/locale/en-US/passwords_help.html Normal file
View File

@ -0,0 +1,123 @@
<html>
<head>
<title>Password Settings</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="passwords_first"></a>
<h1>Password Settings</h1>
<p>This section describes how to use the Passwords preferences panel. To access the panel, follow these steps:
<ol>
<li>Open the Edit menu and choose Preferences.
<li>Under the Privacy and Security category, choose Passwords. (If no options are available in this category, click to expand the list.)
</ol>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#Password_Manager">Password Manager</a></p>
<p><a href="#Encrypting_Versus_Obscuring">Encrypting Versus Obscuring</a></p>
<p><a href="#Master_Password_Timeout">Master Password Timeout</a></p>
<p><a href="#Change_Master_Password">Change Master Password</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="Password_Manager"></a>
<h2>Password Manager</h2>
<p>Many web sites require you to type a user name and password before you can enter the site. For instance, personalized pages and web sites containing your financial information require you to log in.
<p>The user name and password you use at a particular site can be read by the site's administrator. If this concerns you, you may wish to use a different password at every site with which you register. Unfortunately, it is very difficult to remember every single password you've ever used.
<p>Password Manager can help you by storing your user names and passwords on your computer's hard disk, and entering them for you automatically when you visit such sites. For detailed information about using Password Manager, including how to override it for individual sites and how to view and manage stored passwords, see <a href="../..content/help.xul?using_password">Using the Password Manager</a>
<p>To activate Password Manager so that it automatically stores your user names and passwords and enters them for you as necessary, select the checkbox in the Passwords panel labeled "Remember passwords for sites that require me to log in."
<p>To turn off Password Manager, deselect the same checkbox.
<p>
[&nbsp;<A HREF="#passwords_first">Return to beginning of Passwords section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Encrypting_Versus_Obscuring"></a>
<h2>Encrypting Versus Obscuring</h2>
<p>If you use Password Manager or Form Manager to save passwords and personal data, then this sensitive information is stored on your computer in a file that's difficult, but not impossible, for an intruder to read. This way of storing information is sometimes describes as "obscuring."
<p>If you are not concerned about unauthorized use of your computer, obscuring tmay be sufficient protection for your needs. However, if your computer is in an area where unauthorized people have access to it, it's possible for a determined person to read the file containing your sensitive information.
<p>For improved protection, you may want to protect the file with encryption. Encryption makes it nearly impossible for an unauthorized person to view your stored sensitive information.
<p>To turn on encryption for sensitive information stored on your computer, select the checkbox in the Passwords panel labeled "Use encryption when storing sensitive data."
<p>To turn off encryption for sensitive information, so that it is obscured but not encrypted, deselect the same checkbox.
<p>
[&nbsp;<A HREF="#passwords_first">Return to beginning of Passwords section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Master_Password_Timeout"></a>
<h2>Master Password Timeout</h2>
<p>You can use the Passwords preferences panel to set how often the browser requires your Master Password. Here are some things you should consider when selecting these options:
<ul>
<LI><B>First time sensitive information (such as your certificate) is requested.</B> If you work in an office with strong physical security measures or if you feel that the consequences of somebody else using your computer to impersonate you are not extreme, click this radio button. This setting causes Personal Security Manager to request your Personal Security Password only the first time it is required after you launch your browser. Personal Security Manager will not request it again until after you exit and relaunch your browser. This setting provides the lowest level of protection.
<LI><B>Every time sensitive information (such as your certificate) is requested.</B> If you are very concerned about the possibility that somebody else might be able to use your computer to impersonate you, click this radio button. This setting ensures that Personal Security Manager will never access the private key database without first requesting your Personal Security Password. This setting provides the highest level of protection.
<LI><B>After </B><I>blank</I><B> minutes of inactivity on an encrypted site.</B> If you are somewhat concerned about the possibility that somebody else might be able to use your computer to impersonate you, but not enough to type in your Master Password at frequent intervals, click this radio button and fill in the box with a value you feel comfortable with (for best protection, this should be a fairly low number of minutes, such as 20). This setting is appropriate if you sometimes send or receive confidential information to or from web sites that support encryption. <B>Note that this setting provides little protection against someone using your computer to send a signed email message in your name. </B>
</ul>
<p>
[&nbsp;<A HREF="#passwords_first">Return to beginning of Passwords section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Change_Master_Password"></a>
<h2>Change Master Password</h2>
<p>A Master Password protects a security device, which is a software or hardware device that stores sensitive information associated with your identity, such as keys or certificates. For example, the browser has a default software security device, and you can also use external security devices, such as smart cards, if your computer is configured to use them.
<p>The Master Password for the browser's internal software security device also protects your master key. Your master key is used to encrypt sensitive information such as email passwords, web site passwords, and other data stored by the Password Manager and Forms Manager. If someone uses your computer who knows or can guess the Master Password for the software security device, that person may be able to access web sites while pretending to be you. This can be dangerous&#151;for example, if you manage your financial accounts over the Internet. Therefore, it's important to select a Master Password that is difficult to guess.
<p><b>[Discussion of new password quality meter]</b></p>
<p>It's also important to record your Master Password in a safe place&#151;and<I> not </I>anywhere that's easily accessible to someone else. If you forget this password, you may not be able to access important information, such as web sites that require passwords or certificates stored on your computer. For more information about the consequences of losing your Master Password, see <a href="xxx">link to troubleshooting section on loosing your password</a>.</P>
<p>Note that each security device requires a separate Master Password. For example, if you are using one or more smart cards to store some of your certificates, you must set a separate Master Password for each one. </P>
<p>
[&nbsp;<A HREF="#passwords_first">Return to beginning of Passwords section</A>&nbsp;]
</p>
<hr>
<p><i>2/12/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

123
extensions/help/resources/locale/en-US/passwords_help.xhtml Normal file
View File

@ -0,0 +1,123 @@
<html>
<head>
<title>Password Settings</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="passwords_first"></a>
<h1>Password Settings</h1>
<p>This section describes how to use the Passwords preferences panel. To access the panel, follow these steps:
<ol>
<li>Open the Edit menu and choose Preferences.
<li>Under the Privacy and Security category, choose Passwords. (If no options are available in this category, click to expand the list.)
</ol>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#Password_Manager">Password Manager</a></p>
<p><a href="#Encrypting_Versus_Obscuring">Encrypting Versus Obscuring</a></p>
<p><a href="#Master_Password_Timeout">Master Password Timeout</a></p>
<p><a href="#Change_Master_Password">Change Master Password</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="Password_Manager"></a>
<h2>Password Manager</h2>
<p>Many web sites require you to type a user name and password before you can enter the site. For instance, personalized pages and web sites containing your financial information require you to log in.
<p>The user name and password you use at a particular site can be read by the site's administrator. If this concerns you, you may wish to use a different password at every site with which you register. Unfortunately, it is very difficult to remember every single password you've ever used.
<p>Password Manager can help you by storing your user names and passwords on your computer's hard disk, and entering them for you automatically when you visit such sites. For detailed information about using Password Manager, including how to override it for individual sites and how to view and manage stored passwords, see <a href="../..content/help.xul?using_password">Using the Password Manager</a>
<p>To activate Password Manager so that it automatically stores your user names and passwords and enters them for you as necessary, select the checkbox in the Passwords panel labeled "Remember passwords for sites that require me to log in."
<p>To turn off Password Manager, deselect the same checkbox.
<p>
[&nbsp;<A HREF="#passwords_first">Return to beginning of Passwords section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Encrypting_Versus_Obscuring"></a>
<h2>Encrypting Versus Obscuring</h2>
<p>If you use Password Manager or Form Manager to save passwords and personal data, then this sensitive information is stored on your computer in a file that's difficult, but not impossible, for an intruder to read. This way of storing information is sometimes describes as "obscuring."
<p>If you are not concerned about unauthorized use of your computer, obscuring tmay be sufficient protection for your needs. However, if your computer is in an area where unauthorized people have access to it, it's possible for a determined person to read the file containing your sensitive information.
<p>For improved protection, you may want to protect the file with encryption. Encryption makes it nearly impossible for an unauthorized person to view your stored sensitive information.
<p>To turn on encryption for sensitive information stored on your computer, select the checkbox in the Passwords panel labeled "Use encryption when storing sensitive data."
<p>To turn off encryption for sensitive information, so that it is obscured but not encrypted, deselect the same checkbox.
<p>
[&nbsp;<A HREF="#passwords_first">Return to beginning of Passwords section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Master_Password_Timeout"></a>
<h2>Master Password Timeout</h2>
<p>You can use the Passwords preferences panel to set how often the browser requires your Master Password. Here are some things you should consider when selecting these options:
<ul>
<LI><B>First time sensitive information (such as your certificate) is requested.</B> If you work in an office with strong physical security measures or if you feel that the consequences of somebody else using your computer to impersonate you are not extreme, click this radio button. This setting causes Personal Security Manager to request your Personal Security Password only the first time it is required after you launch your browser. Personal Security Manager will not request it again until after you exit and relaunch your browser. This setting provides the lowest level of protection.
<LI><B>Every time sensitive information (such as your certificate) is requested.</B> If you are very concerned about the possibility that somebody else might be able to use your computer to impersonate you, click this radio button. This setting ensures that Personal Security Manager will never access the private key database without first requesting your Personal Security Password. This setting provides the highest level of protection.
<LI><B>After </B><I>blank</I><B> minutes of inactivity on an encrypted site.</B> If you are somewhat concerned about the possibility that somebody else might be able to use your computer to impersonate you, but not enough to type in your Master Password at frequent intervals, click this radio button and fill in the box with a value you feel comfortable with (for best protection, this should be a fairly low number of minutes, such as 20). This setting is appropriate if you sometimes send or receive confidential information to or from web sites that support encryption. <B>Note that this setting provides little protection against someone using your computer to send a signed email message in your name. </B>
</ul>
<p>
[&nbsp;<A HREF="#passwords_first">Return to beginning of Passwords section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="Change_Master_Password"></a>
<h2>Change Master Password</h2>
<p>A Master Password protects a security device, which is a software or hardware device that stores sensitive information associated with your identity, such as keys or certificates. For example, the browser has a default software security device, and you can also use external security devices, such as smart cards, if your computer is configured to use them.
<p>The Master Password for the browser's internal software security device also protects your master key. Your master key is used to encrypt sensitive information such as email passwords, web site passwords, and other data stored by the Password Manager and Forms Manager. If someone uses your computer who knows or can guess the Master Password for the software security device, that person may be able to access web sites while pretending to be you. This can be dangerous&#151;for example, if you manage your financial accounts over the Internet. Therefore, it's important to select a Master Password that is difficult to guess.
<p><b>[Discussion of new password quality meter]</b></p>
<p>It's also important to record your Master Password in a safe place&#151;and<I> not </I>anywhere that's easily accessible to someone else. If you forget this password, you may not be able to access important information, such as web sites that require passwords or certificates stored on your computer. For more information about the consequences of losing your Master Password, see <a href="xxx">link to troubleshooting section on loosing your password</a>.</P>
<p>Note that each security device requires a separate Master Password. For example, if you are using one or more smart cards to store some of your certificates, you must set a separate Master Password for each one. </P>
<p>
[&nbsp;<A HREF="#passwords_first">Return to beginning of Passwords section</A>&nbsp;]
</p>
<hr>
<p><i>2/12/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

219
extensions/help/resources/locale/en-US/privacy_help.html Normal file
View File

@ -0,0 +1,219 @@
<html>
<head>
<title>Understanding Privacy</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="sec_maintain"></a>
<h1>Privacy on the Internet</h1>
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, communications move back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
<p>Fortunately, your browser contains features that safeguard security. There are also several things you personally can do to safeguard your privacy and security while on the Internet. Click one of the links below to learn more.</p>
<p>In addition to the information in this document, you can always find the latest news about security at Netscape's <a href="http://home.netscape.com/security/index.html" target="_blank">Security Center</a>. For more information about privacy and security, including information about viruses, secure email, safe online shopping and banking, and safe surfing for children, see
<a href="http://home.netscape.com/security/basics/index.html?cp=sciln" target="_blank">Understanding Security</a>, a document located at the Security Center.
<p>For the quickest introduction to privacy issues, see the <a href="chrome://communicator/locale/wallet/privacy.html">Privacy Tutorial</a>.
<p>&nbsp;</p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissections">
<p>In this section:</p>
<p><a href="#privacy_gatherinfo">How Does a Web Site Gather Information About Me?</a></p>
<p><a href="#privacy_visit">What Information Does My Browser Give to a Web Site?</a></p>
<p><a href="#privacy_cookies">What Are Cookies, and How Do They Work?</a></p>
<p><a href="#privacy_unauth">How Do I Make Sure Unauthorized People Don't Use Information About Me?</a></p>
<p><a href="#privacy_anon">Browsing Anonymously</a></p></td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="privacy_gatherinfo"></a>
<h2>How Does a Web Site Gather Information About Me?</h2>
<p>There are two ways that a site can obtain information about you:
<ul>
<li>When you request to view a page from a site, a certain amount of information is disclosed in the page request that your browser makes on your behalf.
<p>
<li>If you fill out and submit an online form, the information you filled in is sent to the site.
</ul>
<p>There are two ways for sites to store information about you:
<ul>
<li>While your browser is getting a page from a web site, the site could ask your browser to store a small amount of information about you on your own hard disk. This stored information is called a "cookie." A site that stores (or "sets") a cookie will ask your browser to let it read the cookie the next time you visit.
<p>
<li>Any information you give a web site (by filling out an online form) could be stored on the web site's computers.
</ul>
<p>A web page <b>can't</b> find out your e-mail address, name, or any
other personal information unless you explicity provide it.
You are in control---nobody can obtain personal information about
you unless you allow it.
<p>&nbsp;</p>
<a NAME="privacy_visit"></a>
<h2>What Information Does My Browser Give to a Web Site?</h2>
<p>When you request to view a web page from a site---which you do each time you click a link or type a URL---a small amount of information is given to the site. This information includes your operating environment, your Internet address (<i>not</i> your email address), and the page you're coming from.
<p><b>Operating Environment</b>
<p>The site is told something about your operating environment, such as
your browser type and operating system. This helps the site present the page
in the best way for your screen. For example, the site might learn that you
use the French version of a mozilla-based browser on a Windows 2000 computer.
<a name="ip"></a>
<p><b>Internet Address</b>
<p>Your browser must tell the site your Internet address (also known as the Internet Protocol, or IP address) so the site knows where to send the page you are requesting. The site can't present the page you want to see unless it knows your IP address.
<p>Your IP address can be either temporary or fixed (static).
<p>If you connect to the Internet through a standard modem that's attached to your phone line, then your Internet Service Provider (ISP) assigns you a temporary IP address each time you log on. You use the temporary IP address for the duration of your Internet session. Each ISP has many IP addresses, and they assign the addresses at random to users. A web site can tell which ISP a temporary IP address comes from, but it can't learn anything about you personally from your temporary IP address.
<p><b>Important:</b> Your IP address is <b>not</b> your email address. Your email address uniquely identifies you in cyberspace just as your social security number identifies you in the real world. A temporary IP address is no more a part of your identity than the phone number
of a pay telephone you use to make a call.
<p>If you have DSL, a cable modem, or a fiber-optic connection, you may have a fixed IP address that you use every time you connect.
<p>Whether your IP address is temporary or fixed, you might not want that information
to be given to a site you intend to visit. To block your IP address from being given out, see <a href="#privacy_anon">Browsing Anonymously</a>.
<p><b>Referring Page</b>
<p>The site is also told which page you were reading when you clicked the
link to the page you are now requesting. This allows the site to know which
site referred you. Or, as you traverse the site, it allows the site to know
which of its pages you came from.
<p>&nbsp;</p>
<a NAME="privacy_cookies"></a>
<h2>What Are Cookies, and How Do They Work?</h2>
<p>A cookie is a small bit of information used by some web sites. When you visit the site that uses cookies, the site might ask your browser to place one or more cookies on your hard disk.
<p>Later, when you return to the site, your browser sends back the cookies that belong to the site.
<p>By default, this activity is invisible to you, and you won't know when a site is setting a cookie or when your browser is sending a web site's cookie back. However, you can set your preferences so that you will be asked before a cookie is set.
<h3>Why Permit Cookies?</h3>
<p>There are times when it would be to your advantage to allow
a site to know something about your previous visits.
For example, if you were previously filling out a long form and got as
far as page 17, it would be nice if the site could take you immediately
to page 17 on your next visit.
<h3>Why Reject Cookies?</h3>
<p>If a site can store a cookie, it can keep track of everything you've done
while visiting the site by writing these things into a cookie that it keeps
updating. In this way, a site can build a profile on you.
<p>This may be a good thing or a bad thing depending on what the site
does with the information. For example, it might be good if
a bookseller knew you frequently looked for information on dogs so
it could tell you about a new dog book. It might be bad if the bookseller then
sold that information to the local dog pound so they could cross-check
for potential dog owners who do not have valid dog licenses.
<h3>How Do Sites Use Cookie Information?</h3>
<p>Web sites can use cookie information to tailor their presentations to you, and advertisers can use such information to target online ads to your interests and buying information. Reputable web sites have prvacy policies that describe how they use the information they receive.
<p>When in doubt, always check a web site's privacy policy before permitting a cookie to be set, and before providing any personal information (such as your name and email address).</p>
<a name="privacy_foreign"></a>
<h3>Encountering Foreign Cookies</h3>
<p>If your browser stores a site's cookie, it will return the cookie only to that particular site. Your browser will not provide one site with cookies set by another. Since a web site can only receive back its own cookies, it can keep track of your activities while you are at that site but not your activities in general while surfing the Web.
<p>But suppose that while you visit site ABC.com, a cookie gets
stored not by ABC.com but by a different site called XYZ.com.
ABC.com can cause that to happen very simply by displaying an image from
XYZ.com. So when you visit ABC.com your browser makes a side-trip to
XYZ.com to get the image, and XYZ.com stores the cookie at that time.
<p>If XYZ.com enlists many sites to display its cookie-storing image,
it can build up a cookie that contains information about your behavior at
all those sites. The more sites that display XYZ.com's image,
the more encompassing a profile it can build on you.
<p>Such cookies that are stored by the site other than the one that you
think you are visiting are called <i>foreign cookies</i>. If you
are concerned about foreign cookies but not about ordinary cookies,
you could give permission for sites to store ordinary cookies only but
not foreign ones.
<p>You use Cookie Manager to specify what types of cookies
you want your browser to accept.
<p>&nbsp;</p>
<a NAME="privacy_unauth"></a>
<h2>How Do I Make Sure Unauthorized People Don't Use Information About Me?</h2>
<p>The best way to keep your information private is to be cautious about providing it to others. The Internet is a public network, and you should assume that when someone asks you for your name, phone number, address, and other information, they may share that information with others.</p>
<p>Providing your name, address, and phone number on the web is like having a listing in the telephone book. In fact, if you are listed in the white pages of the telephone book, your name, address, and phone number are probably listed in online directories and other databases on the World Wide Web. (Try looking yourself up in a directory such as People Finder or Yellow Pages.)</p>
<p>If a web site asks for information about you, always check the site's privacy policy before proceeding. Here are some questions you might ask about a web site's privacy policy:
<ul>
<li>What kinds of personal information is this site gathering?
<li>How will the site use the information?
<li>Will the site share the information with others, for purposes unrelated to my dealing with the site?
<li>Can I access some or all of the information a site gathers about me, in order to inspect or update it?
<li>How does the site keep intruders from viewing the information?
<li>How do I contact the web site if I have questions or problems?
</ul>
<p>&nbsp;</p>
<a NAME="privacy_anon"></a>
<h2>Browsing Anonymously</h2>
<p>&nbsp;</p>
<p>When you request to see a page from a site, your browser must tell the site your <a href="#ip">Internet address</a> (IP address) so the site knows where to send the page. Your IP address can be either temporary or fixed (static).
<p>Whether your IP address is temporary or fixed, you might not want that information to be given to a site you intend to visit. But if your browser doesn't provide this information, the site won't know where to deliver the requested page. So this is the one piece of information that you can't ask
your browser not to reveal.
<p>If you really want to hide your IP address from the site, you need to
use some trusted intermediate site. You go to the intermediate site
and tell it the name of the site whose page you want. The intermediate
site requests the page on your behalf, using its own IP address as the
return address. Then, when it gets the page, it forwards it on to
you. The site that supplied the page never gets to see your IP address.
<p>There are several sites that provide such services. Use your favorite
search engine to find them---try search words such as "anonymous" and
"surfing".
<p>
[&nbsp;<A HREF="#sec_first">Return to beginning of section</A>&nbsp;]
</p>
<hr>
<p><i>10/6/00</i></p>
<hr>
<p>Copyright &copy; 1994-2000 Netscape Communications Corporation.</p>
</body>
</html>

219
extensions/help/resources/locale/en-US/privacy_help.xhtml Normal file
View File

@ -0,0 +1,219 @@
<html>
<head>
<title>Understanding Privacy</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="sec_maintain"></a>
<h1>Privacy on the Internet</h1>
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, communications move back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
<p>Fortunately, your browser contains features that safeguard security. There are also several things you personally can do to safeguard your privacy and security while on the Internet. Click one of the links below to learn more.</p>
<p>In addition to the information in this document, you can always find the latest news about security at Netscape's <a href="http://home.netscape.com/security/index.html" target="_blank">Security Center</a>. For more information about privacy and security, including information about viruses, secure email, safe online shopping and banking, and safe surfing for children, see
<a href="http://home.netscape.com/security/basics/index.html?cp=sciln" target="_blank">Understanding Security</a>, a document located at the Security Center.
<p>For the quickest introduction to privacy issues, see the <a href="chrome://communicator/locale/wallet/privacy.html">Privacy Tutorial</a>.
<p>&nbsp;</p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissections">
<p>In this section:</p>
<p><a href="#privacy_gatherinfo">How Does a Web Site Gather Information About Me?</a></p>
<p><a href="#privacy_visit">What Information Does My Browser Give to a Web Site?</a></p>
<p><a href="#privacy_cookies">What Are Cookies, and How Do They Work?</a></p>
<p><a href="#privacy_unauth">How Do I Make Sure Unauthorized People Don't Use Information About Me?</a></p>
<p><a href="#privacy_anon">Browsing Anonymously</a></p></td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="privacy_gatherinfo"></a>
<h2>How Does a Web Site Gather Information About Me?</h2>
<p>There are two ways that a site can obtain information about you:
<ul>
<li>When you request to view a page from a site, a certain amount of information is disclosed in the page request that your browser makes on your behalf.
<p>
<li>If you fill out and submit an online form, the information you filled in is sent to the site.
</ul>
<p>There are two ways for sites to store information about you:
<ul>
<li>While your browser is getting a page from a web site, the site could ask your browser to store a small amount of information about you on your own hard disk. This stored information is called a "cookie." A site that stores (or "sets") a cookie will ask your browser to let it read the cookie the next time you visit.
<p>
<li>Any information you give a web site (by filling out an online form) could be stored on the web site's computers.
</ul>
<p>A web page <b>can't</b> find out your e-mail address, name, or any
other personal information unless you explicity provide it.
You are in control---nobody can obtain personal information about
you unless you allow it.
<p>&nbsp;</p>
<a NAME="privacy_visit"></a>
<h2>What Information Does My Browser Give to a Web Site?</h2>
<p>When you request to view a web page from a site---which you do each time you click a link or type a URL---a small amount of information is given to the site. This information includes your operating environment, your Internet address (<i>not</i> your email address), and the page you're coming from.
<p><b>Operating Environment</b>
<p>The site is told something about your operating environment, such as
your browser type and operating system. This helps the site present the page
in the best way for your screen. For example, the site might learn that you
use the French version of a mozilla-based browser on a Windows 2000 computer.
<a name="ip"></a>
<p><b>Internet Address</b>
<p>Your browser must tell the site your Internet address (also known as the Internet Protocol, or IP address) so the site knows where to send the page you are requesting. The site can't present the page you want to see unless it knows your IP address.
<p>Your IP address can be either temporary or fixed (static).
<p>If you connect to the Internet through a standard modem that's attached to your phone line, then your Internet Service Provider (ISP) assigns you a temporary IP address each time you log on. You use the temporary IP address for the duration of your Internet session. Each ISP has many IP addresses, and they assign the addresses at random to users. A web site can tell which ISP a temporary IP address comes from, but it can't learn anything about you personally from your temporary IP address.
<p><b>Important:</b> Your IP address is <b>not</b> your email address. Your email address uniquely identifies you in cyberspace just as your social security number identifies you in the real world. A temporary IP address is no more a part of your identity than the phone number
of a pay telephone you use to make a call.
<p>If you have DSL, a cable modem, or a fiber-optic connection, you may have a fixed IP address that you use every time you connect.
<p>Whether your IP address is temporary or fixed, you might not want that information
to be given to a site you intend to visit. To block your IP address from being given out, see <a href="#privacy_anon">Browsing Anonymously</a>.
<p><b>Referring Page</b>
<p>The site is also told which page you were reading when you clicked the
link to the page you are now requesting. This allows the site to know which
site referred you. Or, as you traverse the site, it allows the site to know
which of its pages you came from.
<p>&nbsp;</p>
<a NAME="privacy_cookies"></a>
<h2>What Are Cookies, and How Do They Work?</h2>
<p>A cookie is a small bit of information used by some web sites. When you visit the site that uses cookies, the site might ask your browser to place one or more cookies on your hard disk.
<p>Later, when you return to the site, your browser sends back the cookies that belong to the site.
<p>By default, this activity is invisible to you, and you won't know when a site is setting a cookie or when your browser is sending a web site's cookie back. However, you can set your preferences so that you will be asked before a cookie is set.
<h3>Why Permit Cookies?</h3>
<p>There are times when it would be to your advantage to allow
a site to know something about your previous visits.
For example, if you were previously filling out a long form and got as
far as page 17, it would be nice if the site could take you immediately
to page 17 on your next visit.
<h3>Why Reject Cookies?</h3>
<p>If a site can store a cookie, it can keep track of everything you've done
while visiting the site by writing these things into a cookie that it keeps
updating. In this way, a site can build a profile on you.
<p>This may be a good thing or a bad thing depending on what the site
does with the information. For example, it might be good if
a bookseller knew you frequently looked for information on dogs so
it could tell you about a new dog book. It might be bad if the bookseller then
sold that information to the local dog pound so they could cross-check
for potential dog owners who do not have valid dog licenses.
<h3>How Do Sites Use Cookie Information?</h3>
<p>Web sites can use cookie information to tailor their presentations to you, and advertisers can use such information to target online ads to your interests and buying information. Reputable web sites have prvacy policies that describe how they use the information they receive.
<p>When in doubt, always check a web site's privacy policy before permitting a cookie to be set, and before providing any personal information (such as your name and email address).</p>
<a name="privacy_foreign"></a>
<h3>Encountering Foreign Cookies</h3>
<p>If your browser stores a site's cookie, it will return the cookie only to that particular site. Your browser will not provide one site with cookies set by another. Since a web site can only receive back its own cookies, it can keep track of your activities while you are at that site but not your activities in general while surfing the Web.
<p>But suppose that while you visit site ABC.com, a cookie gets
stored not by ABC.com but by a different site called XYZ.com.
ABC.com can cause that to happen very simply by displaying an image from
XYZ.com. So when you visit ABC.com your browser makes a side-trip to
XYZ.com to get the image, and XYZ.com stores the cookie at that time.
<p>If XYZ.com enlists many sites to display its cookie-storing image,
it can build up a cookie that contains information about your behavior at
all those sites. The more sites that display XYZ.com's image,
the more encompassing a profile it can build on you.
<p>Such cookies that are stored by the site other than the one that you
think you are visiting are called <i>foreign cookies</i>. If you
are concerned about foreign cookies but not about ordinary cookies,
you could give permission for sites to store ordinary cookies only but
not foreign ones.
<p>You use Cookie Manager to specify what types of cookies
you want your browser to accept.
<p>&nbsp;</p>
<a NAME="privacy_unauth"></a>
<h2>How Do I Make Sure Unauthorized People Don't Use Information About Me?</h2>
<p>The best way to keep your information private is to be cautious about providing it to others. The Internet is a public network, and you should assume that when someone asks you for your name, phone number, address, and other information, they may share that information with others.</p>
<p>Providing your name, address, and phone number on the web is like having a listing in the telephone book. In fact, if you are listed in the white pages of the telephone book, your name, address, and phone number are probably listed in online directories and other databases on the World Wide Web. (Try looking yourself up in a directory such as People Finder or Yellow Pages.)</p>
<p>If a web site asks for information about you, always check the site's privacy policy before proceeding. Here are some questions you might ask about a web site's privacy policy:
<ul>
<li>What kinds of personal information is this site gathering?
<li>How will the site use the information?
<li>Will the site share the information with others, for purposes unrelated to my dealing with the site?
<li>Can I access some or all of the information a site gathers about me, in order to inspect or update it?
<li>How does the site keep intruders from viewing the information?
<li>How do I contact the web site if I have questions or problems?
</ul>
<p>&nbsp;</p>
<a NAME="privacy_anon"></a>
<h2>Browsing Anonymously</h2>
<p>&nbsp;</p>
<p>When you request to see a page from a site, your browser must tell the site your <a href="#ip">Internet address</a> (IP address) so the site knows where to send the page. Your IP address can be either temporary or fixed (static).
<p>Whether your IP address is temporary or fixed, you might not want that information to be given to a site you intend to visit. But if your browser doesn't provide this information, the site won't know where to deliver the requested page. So this is the one piece of information that you can't ask
your browser not to reveal.
<p>If you really want to hide your IP address from the site, you need to
use some trusted intermediate site. You go to the intermediate site
and tell it the name of the site whose page you want. The intermediate
site requests the page on your behalf, using its own IP address as the
return address. Then, when it gets the page, it forwards it on to
you. The site that supplied the page never gets to see your IP address.
<p>There are several sites that provide such services. Use your favorite
search engine to find them---try search words such as "anonymous" and
"surfing".
<p>
[&nbsp;<A HREF="#sec_first">Return to beginning of section</A>&nbsp;]
</p>
<hr>
<p><i>10/6/00</i></p>
<hr>
<p>Copyright &copy; 1994-2000 Netscape Communications Corporation.</p>
</body>
</html>

54
extensions/help/resources/locale/en-US/privsec_help.html Normal file
View File

@ -0,0 +1,54 @@
<html>
<head>
<title>Privacy and Security Settings</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="cert_dialog_help_first"></a>
<h1>Privacy and Security Settings </h1>
<p>This section describes how to modify the Privacy and Security preferences. To access them, follow these steps:
<ol>
<li>Open the Edit menu and choose Preferences.
<li>Click the Privacy and Security category. If no subcategories are visible, click its triangle to expand the list, then click the name for the preferences you want to view or change.
</ol>
<p>For help with a panel's settings, click the Help button at the bottom of that panel.
<p>For help with the top-level Privacy and Security panel, keep reading.
<a NAME="Reset_Settings"></a>
<h3>Reset Preferences</h3>
<p>To set all the Privacy and Security settings back to their default values, click Reset Preferences.
<a NAME="Manage_Certificates"></a>
<h3>Manage Certificates</h3>
<p>Certificates are the digital equipvalent of ID cards--they help other people
identify you, and they help you identify other people, web sites, and organizations.
<p>To examine or configure the certificates you have on file, click Manage Certificates.
<a NAME="Manage_Security_Devices"></a>
<h3>Manage Security Devices</h3>
<p>A security device is a hardware or software device that stores your certificates and keys.
For example, a smart card is a security device. Netscape 6 has its own built-in software
security device, and you can use additional security devices, such as smart cards, at the same time.
<p>To examine or configure your security devices, click Manage Security Devices.
<hr>
<p><i>3/22/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

54
extensions/help/resources/locale/en-US/privsec_help.xhtml Normal file
View File

@ -0,0 +1,54 @@
<html>
<head>
<title>Privacy and Security Settings</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="cert_dialog_help_first"></a>
<h1>Privacy and Security Settings </h1>
<p>This section describes how to modify the Privacy and Security preferences. To access them, follow these steps:
<ol>
<li>Open the Edit menu and choose Preferences.
<li>Click the Privacy and Security category. If no subcategories are visible, click its triangle to expand the list, then click the name for the preferences you want to view or change.
</ol>
<p>For help with a panel's settings, click the Help button at the bottom of that panel.
<p>For help with the top-level Privacy and Security panel, keep reading.
<a NAME="Reset_Settings"></a>
<h3>Reset Preferences</h3>
<p>To set all the Privacy and Security settings back to their default values, click Reset Preferences.
<a NAME="Manage_Certificates"></a>
<h3>Manage Certificates</h3>
<p>Certificates are the digital equipvalent of ID cards--they help other people
identify you, and they help you identify other people, web sites, and organizations.
<p>To examine or configure the certificates you have on file, click Manage Certificates.
<a NAME="Manage_Security_Devices"></a>
<h3>Manage Security Devices</h3>
<p>A security device is a hardware or software device that stores your certificates and keys.
For example, a smart card is a security device. Netscape 6 has its own built-in software
security device, and you can use additional security devices, such as smart cards, at the same time.
<p>To examine or configure your security devices, click Manage Security Devices.
<hr>
<p><i>3/22/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

651
extensions/help/resources/locale/en-US/security_help.html
View File

@ -1,651 +0,0 @@
<html>
<head>
<title>Understanding Privacy</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="sec_maintain"></a>
<h1>Privacy on the Internet</h1>
<p>The Internet is a public network of millions of computers, all sharing information. On the Internet, communications move back and forth across public lines and through numerous connections. As with all public lines, eavesdropping is possible.</p>
<p>Fortunately, your browser contains features that safeguard security. There are also several things you personally can do to safeguard your privacy and security while on the Internet. Click one of the links below to learn more.</p>
<p>In addition to the information in this document, you can always find the latest news about security at Netscape's <a href="http://home.netscape.com/security/index.html" target="_blank">Security Center</a>. For more information about privacy and security, including information about viruses, secure email, safe online shopping and banking, and safe surfing for children, see
<a href="http://home.netscape.com/security/basics/index.html?cp=sciln" target="_blank">Understanding Security</a>, a document located at the Security Center.
<p>For the quickest introduction to privacy issues, see the <a href="chrome://communicator/locale/wallet/privacy.html">Privacy Tutorial</a>.
<p>&nbsp;</p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissections">
<p>In this section:</p>
<p><a href="#privacy_gatherinfo">How Does a Web Site Gather Information About Me?</a></p>
<p><a href="#privacy_visit">What Information Does My Browser Give to a Web Site?</a></p>
<p><a href="#privacy_cookies">What Are Cookies, and How Do They Work?</a></p>
<p><a href="#privacy_unauth">How Do I Make Sure Unauthorized People Don't Use Information About Me?</a></p>
<p><a href="#privacy_anon">Browsing Anonymously</a></p></td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="privacy_gatherinfo"></a>
<h2>How Does a Web Site Gather Information About Me?</h2>
<p>There are two ways that a site can obtain information about you:
<ul>
<li>When you request to view a page from a site, a certain amount of information is disclosed in the page request that your browser makes on your behalf.
<p>
<li>If you fill out and submit an online form, the information you filled in is sent to the site.
</ul>
<p>There are two ways for sites to store information about you:
<ul>
<li>While your browser is getting a page from a web site, the site could ask your browser to store a small amount of information about you on your own hard disk. This stored information is called a "cookie." A site that stores (or "sets") a cookie will ask your browser to let it read the cookie the next time you visit.
<p>
<li>Any information you give a web site (by filling out an online form) could be stored on the web site's computers.
</ul>
<p>A web page <b>can't</b> find out your e-mail address, name, or any
other personal information unless you explicity provide it.
You are in control---nobody can obtain personal information about
you unless you allow it.
<p>&nbsp;</p>
<a NAME="privacy_visit"></a>
<h2>What Information Does My Browser Give to a Web Site?</h2>
<p>When you request to view a web page from a site---which you do each time you click a link or type a URL---a small amount of information is given to the site. This information includes your operating environment, your Internet address (<i>not</i> your email address), and the page you're coming from.
<p><b>Operating Environment</b>
<p>The site is told something about your operating environment, such as
your browser type and operating system. This helps the site present the page
in the best way for your screen. For example, the site might learn that you
use the French version of a mozilla-based browser on a Windows 2000 computer.
<a name="ip"></a>
<p><b>Internet Address</b>
<p>Your browser must tell the site your Internet address (also known as the Internet Protocol, or IP address) so the site knows where to send the page you are requesting. The site can't present the page you want to see unless it knows your IP address.
<p>Your IP address can be either temporary or fixed (static).
<p>If you connect to the Internet through a standard modem that's attached to your phone line, then your Internet Service Provider (ISP) assigns you a temporary IP address each time you log on. You use the temporary IP address for the duration of your Internet session. Each ISP has many IP addresses, and they assign the addresses at random to users. A web site can tell which ISP a temporary IP address comes from, but it can't learn anything about you personally from your temporary IP address.
<p><b>Important:</b> Your IP address is <b>not</b> your email address. Your email address uniquely identifies you in cyberspace just as your social security number identifies you in the real world. A temporary IP address is no more a part of your identity than the phone number
of a pay telephone you use to make a call.
<p>If you have DSL, a cable modem, or a fiber-optic connection, you may have a fixed IP address that you use every time you connect.
<p>Whether your IP address is temporary or fixed, you might not want that information
to be given to a site you intend to visit. To block your IP address from being given out, see <a href="#privacy_anon">Browsing Anonymously</a>.
<p><b>Referring Page</b>
<p>The site is also told which page you were reading when you clicked the
link to the page you are now requesting. This allows the site to know which
site referred you. Or, as you traverse the site, it allows the site to know
which of its pages you came from.
<p>&nbsp;</p>
<a NAME="privacy_cookies"></a>
<h2>What Are Cookies, and How Do They Work?</h2>
<p>A cookie is a small bit of information used by some web sites. When you visit the site that uses cookies, the site might ask your browser to place one or more cookies on your hard disk.
<p>Later, when you return to the site, your browser sends back the cookies that belong to the site.
<p>By default, this activity is invisible to you, and you won't know when a site is setting a cookie or when your browser is sending a web site's cookie back. However, you can set your preferences so that you will be asked before a cookie is set.
<h3>Why Permit Cookies?</h3>
<p>There are times when it would be to your advantage to allow
a site to know something about your previous visits.
For example, if you were previously filling out a long form and got as
far as page 17, it would be nice if the site could take you immediately
to page 17 on your next visit.
<h3>Why Reject Cookies?</h3>
<p>If a site can store a cookie, it can keep track of everything you've done
while visiting the site by writing these things into a cookie that it keeps
updating. In this way, a site can build a profile on you.
<p>This may be a good thing or a bad thing depending on what the site
does with the information. For example, it might be good if
a bookseller knew you frequently looked for information on dogs so
it could tell you about a new dog book. It might be bad if the bookseller then
sold that information to the local dog pound so they could cross-check
for potential dog owners who do not have valid dog licenses.
<h3>How Do Sites Use Cookie Information?</h3>
<p>Web sites can use cookie information to tailor their presentations to you, and advertisers can use such information to target online ads to your interests and buying information. Reputable web sites have prvacy policies that describe how they use the information they receive.
<p>When in doubt, always check a web site's privacy policy before permitting a cookie to be set, and before providing any personal information (such as your name and email address).</p>
<a name="privacy_foreign"></a>
<h3>Encountering Foreign Cookies</h3>
<p>If your browser stores a site's cookie, it will return the cookie only to that particular site. Your browser will not provide one site with cookies set by another. Since a web site can only receive back its own cookies, it can keep track of your activities while you are at that site but not your activities in general while surfing the Web.
<p>But suppose that while you visit site ABC.com, a cookie gets
stored not by ABC.com but by a different site called XYZ.com.
ABC.com can cause that to happen very simply by displaying an image from
XYZ.com. So when you visit ABC.com your browser makes a side-trip to
XYZ.com to get the image, and XYZ.com stores the cookie at that time.
<p>If XYZ.com enlists many sites to display its cookie-storing image,
it can build up a cookie that contains information about your behavior at
all those sites. The more sites that display XYZ.com's image,
the more encompassing a profile it can build on you.
<p>Such cookies that are stored by the site other than the one that you
think you are visiting are called <i>foreign cookies</i>. If you
are concerned about foreign cookies but not about ordinary cookies,
you could give permission for sites to store ordinary cookies only but
not foreign ones.
<p>You use Cookie Manager to specify what types of cookies
you want your browser to accept.
<p>&nbsp;</p>
<a NAME="privacy_unauth"></a>
<h2>How Do I Make Sure Unauthorized People Don't Use Information About Me?</h2>
<p>The best way to keep your information private is to be cautious about providing it to others. The Internet is a public network, and you should assume that when someone asks you for your name, phone number, address, and other information, they may share that information with others.</p>
<p>Providing your name, address, and phone number on the web is like having a listing in the telephone book. In fact, if you are listed in the white pages of the telephone book, your name, address, and phone number are probably listed in online directories and other databases on the World Wide Web. (Try looking yourself up in a directory such as People Finder or Yellow Pages.)</p>
<p>If a web site asks for information about you, always check the site's privacy policy before proceeding. Here are some questions you might ask about a web site's privacy policy:
<ul>
<li>What kinds of personal information is this site gathering?
<li>How will the site use the information?
<li>Will the site share the information with others, for purposes unrelated to my dealing with the site?
<li>Can I access some or all of the information a site gathers about me, in order to inspect or update it?
<li>How does the site keep intruders from viewing the information?
<li>How do I contact the web site if I have questions or problems?
</ul>
<p>&nbsp;</p>
<a NAME="privacy_anon"></a>
<h2>Browsing Anonymously</h2>
<p>&nbsp;</p>
<p>When you request to see a page from a site, your browser must tell the site your <a href="#ip">Internet address</a> (IP address) so the site knows where to send the page. Your IP address can be either temporary or fixed (static).
<p>Whether your IP address is temporary or fixed, you might not want that information to be given to a site you intend to visit. But if your browser doesn't provide this information, the site won't know where to deliver the requested page. So this is the one piece of information that you can't ask
your browser not to reveal.
<p>If you really want to hide your IP address from the site, you need to
use some trusted intermediate site. You go to the intermediate site
and tell it the name of the site whose page you want. The intermediate
site requests the page on your behalf, using its own IP address as the
return address. Then, when it gets the page, it forwards it on to
you. The site that supplied the page never gets to see your IP address.
<p>There are several sites that provide such services. Use your favorite
search engine to find them---try search words such as "anonymous" and
"surfing".
<p>
[&nbsp;<A HREF="#sec_first">Return to beginning of section</A>&nbsp;]
</p>
<a NAME="sec_psm"></a>
<hr>
<h1>Personal Security Manager</h1>
<p>Personal Security Manager helps you protect the security of your communications over the Internet. Personal Security Manager can check the security settings of web sites you visit and help assure security in several ways.</p>
<p>Personal Security Manager has its own extensive online Help, including general information about maintaining security on the Internet, and definitions of security-related terminology.</p>
<p>To access Personal Security Manager and view its Help, open the Tasks menu, choose Privacy and Security, and then choose Security Manager. Personal Security Manager also appears when you click a lock icon in the browser window.</p>
<p>
[&nbsp;<A HREF="#sec_psm">Return to beginning of section</A>&nbsp;]
</p>
<a NAME="sec_cookies"></a>
<hr>
<h1>Cookie Manager</h1>
<p>A cookie is a small amount of information used by some web sites. A web site that sets cookies will ask your browser to place one or more cookies on your hard disk when you visit the site. Later, when you return to the site, your browser sends back the cookies that belong to the site.</p>
<p>Before loading a web page that uses cookies, your browser handles the page's cookies by doing two things:
<ul>
<li>Accepts or rejects any requests by the web site to <b>set</b> (store) one or more cookies on your computer.
<li>Accepts or rejects any requests by the web site to <b>read</b> cookies it previously stored on your computer. A web site can't actually read cookies or any other data on your computer---instead, your browser gets the cookies and sends them back to the web site.
</ul>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissections">
<p>In this section:</p>
<p><a href="#cookies_manage">Specifying How Your Browser Should Handle Cookies</a></p>
<p><a href="#cookies_site">Mananging Cookies Site-By-Site</a></p>
<p><a href="#cookies_view">Viewing Cookies</a></p>
<p><a href="#cookies_remove">Removing Cookies</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="cookies_manage"></a>
<h2>Specifying How Your Browser Should Handle Cookies</h2>
<p>Your browser lets you specify how cookies should be handled, by setting your cookie preferences and by using the Cookie Manager.</p>
<ol>
<li>Open the Edit menu and choose Preferences.
<li>Under the Advanced category, choose Cookies. (If not options are visible in this category, click to expand the list.)
<li>Click one of the radio buttons:
<ul>
<li><b>Enable all cookies:</b> Choose this to permit all web sites to set cookies on your computer and receive them back during subsequent visits. <b>Note:</b> If you choose this option, and later choose to reject all cookies, you may still have some older cookies stored on your computer (though no new ones will be set).
<li><b>Enable cookies for the originating web site only:</b> <a href="#privacy_foreign">Foreign cookies</a> are not accepted or returned. Cookies received through email (when the message contains a web page) are treated as foreign cookies.
<li><b>Disable all cookies:</b> Choose this to refuse all cookies.
</ul>
<li>If you want to be notified when a web site tries to set a cookie, select "Warn me before accepting a cookie."
</ol>
<p>&nbsp;</p>
<a NAME="cookies_site"></a>
<h2>Mananging Cookies Site-By-Site</h2>
<p>If you select "Warn me before accepting a cookie" in the Cookie Preferences (see Step 4 above), Cookie Manager lets you control cookies on a site-by-site basis.</p>
<p>When you are warned that a web site is requesting to set a cookie, you can click Yes to allow or No to deny the cookie. You can also select the option for your browser to "Remember this decision."</p>
<p>If you select "Remember this decision," you will not be warned the next time that site tries to set or modify a cookie, and your "yes" or "no" response will still be in effect.</p>
<p>If you wish to change a remembered response later, use Cookie Manager as follows:</p>
<ol>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.</li>
<li>Click the Cookies Site tab.</li>
<li>The web sites for which you have allowed or denied cookies are listed. Removing a site from the list resets its status, so the next time you visit that site you will be warned if the site attempts to set a cookie.</li>
</ol>
<p>Another way to control cookies site-by-site is to use the Allow and Block menu options.</p>
<ol>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.</li>
<li>Choose "Allow cookies from this site," or "Block cookies from this site."</li>
</ol>
<p>&nbsp;</p>
<a NAME="cookies_view"></a>
<h2>Viewing Cookies</h2>
<p>You can use the Cookie Manager to view detailed information about cookies.</p>
<ol>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.
<li>Select View Stored Cookies from the submenu. The Cookie Manager window opens with a list of all the cookies stored on your computer.</li>
<li>To see details for a particular cookie, click it. The table below explains the information you see.</li>
</ol>
<table cellpadding="3" cellspacing="3" border="1">
<tr>
<td valign="top"><b>Item</b></td>
<td valign="top"><b>Explanation</b></td>
</tr>
<tr>
<td valign="top">Cookie Name</td>
<td valign="top">This is the name assigned to the cookie by its originater.</td>
</tr>
<tr>
<td valign="top">Information</td>
<td valign="top">This string of characters is the information a web site tracks for you. It might contain a user key or name by which you are identified to the web site, information about your interests, and so forth.</td>
</tr>
<tr>
<td valign="top">Host or Domain</td>
<td valign="top">This item tells you whether the cookie is a host cookie or a domain cookie.<br>
A host cookie is sent back, during subsequent visits, only to the server that set it. A server is a computer on the Internet. A web site resides on one or more servers.<br>
A domain cookie is sent back to any site that's in the same domain as the site that set it. A site's domain is the part of its URL that contains the name of an organization, business, or school---such as netscape.com or washington.org.</td>
</tr>
<tr>
<td valign="top">Path</td>
<td valign="top">This is the file pathway. If a cookie comes from a particular part of a web site, instead of the main page, a path is given.</td>
</tr>
<tr>
<td valign="top">Secure Server</td>
<td valign="top">This lists whether the cookie was sent over a secure server. If a cookie is secure, it will only be sent over a secure (https) connection. Before sending a secure cookie, your browser checks the connection and will not send if the connection is not secure.</td>
</tr>
<tr>
<td valign="top">Expires</td>
<td valign="top">This is the date and time at which the cookie is de-activated. The browser regularly removes expired cookies from your computer.</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="cookies_remove"></a>
<h2>Removing Cookies</h2>
<p>Important: To remove cookies, follow the steps in this section. Do not try to edit the cookies file on your computer.</p>
<p>To remove one or more cookies from your computer:
<ol>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Cookie Manager.
<li>Click the Stored Cookies tab.
<li>Select one or more cookies and click Remove, or click Remove All Cookies.
</ol>
<p>You can also choose to prevent the removed cookies from being re-accepted later.
<p>
[&nbsp;<A HREF="#sec_cookies">Return to beginning of section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="sec_password"></a>
<hr>
<h1>Password Manager</h1>
<p>Many web sites require you to type a user name and password before you can enter the site. For instance, personalized pages and web sites containing your financial information require you to log in.</p>
<p>The user name and password you use at a particular site can be read by the site's administrator. If this concerns you, you may wish to use a different password at every site with which you register. Unfortunately, it is very difficult to remember every single password you've ever used.
<p>Password Manager can help you by storing your user names and passwords on your computer's hard disk, and entering them for you automatically when you visit such sites.</p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissections">
<p>In this section:</p>
<p><a href="#passwords_manage">Using Password Manager to Remember User Names and Passwords</a></p>
<p><a href="#passwords_auto">Entering User Names and Passwords Automatically</a></p>
<p><a href="#passwords_onoff">Turning Password Manager On and Off</a></p>
<p><a href="#passwords_view">Viewing and Managing Stored Passwords</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="passwords_manage"></a>
<h2>Using Password Manager to Remember User Names and Passwords</h2>
<p>When you enter your user name and password at a web site a dialog box appears asking, "Do you want Password Manager to remember this logon?" You can choose the following options:</p>
<ul>
<li><b>Yes</b>. The next time you return to the web site you'll see that your user name and password are already filled in.</li>
<li><b>No</b>. Password Manager won't remember the user name and password, but will ask again the next time you visit the site.</li>
<li><b>Never for this site</b>. Password Manager will not ask in the future if you want to save your user name and password for that site.</li>
</ul>
<p>Password Manager saves your user names and passwords on your own computer in a file that's difficult, but not impossible, for an intruder to read. See <a href="#sec_encrypt">Encrypting Stored Sensitive Information</a> for information on protecting your stored user names and passwords with encryption technology.
<p>&nbsp;</p>
<a NAME="passwords_auto"></a>
<h2>Entering User Names and Passwords Automatically</h2>
<p>If you use Password Manager to remember your user name and password for a web site, then the next time you visit the site Password Manager will automatically fill in your user name and password on the site's log in screen.</p>
<p>&nbsp;</p>
<a NAME="passwords_onoff"></a>
<h2>Turning Password Manager On and Off</h2>
<p>Password Manager is on by default. To turn it off:</p>
<ol>
<li>Open the Edit menu and choose Preferences.
<li>From the Advanced category, choose Passwords. (If no options are visible in this category, click to expand the list.)
<li>In the Password Manager section, deselect "Remember passwords for sites that require me to log in" to turn Password Manager off.
</ol>
<p>&nbsp;</p>
<a NAME="passwords_view"></a>
<h2>Viewing and Managing Stored Passwords</h2>
<p>To see a list of the user names and passwords you have stored:</p>
<ul>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Password Manager.
<li>Select Viewed Stored Passwords from the submenu. You see the Password Manager.</li>
<li>Click the Passwords Saved tab. You see a list of all the stored user names. (Passwords are not listed.) To remove a user name, click it and then click Remove. The next time you visit the web site, you will be asked to enter your password.</li>
<li>Click the Passwords Never Saved tab to see a list of the web sites for which you instructed Password Manager never to store user names. To remove a web site from this list, click it and then click Remove. The next time you visit the web site, you will be asked if you want Password Manager to saved the user name and password for that site.</li>
</ul>
<p>
[&nbsp;<A HREF="#sec_password">Return to beginning of section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="sec_forms"></a>
<hr>
<h1>Form Manager</h1>
<p>Many web pages contain forms for you to fill out---order forms for online shopping, information databases, and so forth.</p>
<p>Form Manager can save the personal data you need to enter when you fill out a form, by storing such information as name, address, phone, credit card numbers, and so forth. Then, when a web site presents you with a form, Form Manager can fill it out automatically.</p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissections">
<p>In this section:</p>
<p><a href="#form_saveinfo">Saving Information From Forms</a></p>
<p><a href="#form_auto">Filling Out Forms Automatically</a></p>
<p><a href="#form_notify">Form Manager's Automatic Notification Feature</a></p>
<p><a href="#form_forms">What Happens If I Provide Personal Information to a Web Site?</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="form_saveinfo"></a>
<h2>Saving Information From Forms</h2>
<p>When you fill out an online form, Form Manager normally detects the form and gives you an opportunity to save the personal data you entered into the form. Soon, Form Manager will have enough data to begin filling out forms automatically.</p>
<p>There are two ways to save personal data:</p>
<ul>
<li>Each time you submit an online form that you've filled out, Form Manager asks if you want the information saved. Click Yes. (Note: Form Manager prompts you only if its automatic notification feature is turned on.)
<li>After you fill out a form (but before you submit it), open the Edit menu and choose Save Form Data. You can use the Interview form for this purpose:
<ol>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Form Manager.
<li>Select Interview from the submenu.
<li>Fill out as many fields as you want.
<li>When you're finished with the Interview form, open the Edit menu and choose Save Form Data.
</ol>
</ul>
<p>Form Manager stores your personal data on your own computer in a file that's difficult, but not impossible, for an intruder to read. See <a href="#sec_encrypt">Encrypting Stored Sensitive Information</a> for information on protecting your information with encryption technology.
<p>&nbsp;</p>
<a NAME="form_auto"></a>
<h2>Filling Out Forms Automatically</h2>
<p>To fill out an online form automatically:</p>
<ol>
<li>Go to the online form you want to fill out.
<li>Open the Edit menu and choose Prefill Form.
</ol>
<p>&nbsp;</p>
<a NAME="form_notify"></a>
<h2>Form Manager's Automatic Notification Feature</h2>
<p>Form Manager is set to prompt you to save information whenever it detects that you have filled out an online form. If you don't want to see these prompts, do this:</p>
<ol>
<li>Open the Edit menu and choose Preferences.
<li>Under the Advanced category, choose Forms. (If no options are visible in this category, click to expand the list.)
<li>In the Form Manager section, deselect "Save form data from web pages when completing forms."
</ol>
<p>&nbsp;</p>
<a NAME="form_forms"></a>
<h2>What Happens If I Provide Personal Information to a Web Site?</h2>
<p>If you provide personal information such as your name, phone number, email address, and so forth, the web site is free to store that information in its database and use it later. A web site might use this information to improve its service to you or target advertising to your interests. A web site could sell the information it has gathered to other companies.
<p>One way to find out how a web site uses the information it gathers is to check its <a href="#privacy_unauth">privacy policy</a>.
<p>Before providing personal information on an online form, you must decide whether or not you trust the company---just as you judge whether or not you trust a catalog company before you provide your credit card number on the company's order form.
<p>
[&nbsp;<A HREF="#sec_forms">Return to beginning of section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="sec_encrypt"></a>
<hr>
<h1>Encrypting Stored Sensitive Information</h1>
<p>If you use Password Manager or Form Manager to save passwords and personal data, then this sensitive information is stored on your computer in a file that's difficult, but not impossible, for an intruder to read.</p>
<p>If you are not concerned about unauthorized use of your computer, you may not need further security. However, if your computer is in an area where unauthorized people have access to it, it's possible for a determined person to read the file containing your sensitive information.</p>
<p>For a greater degree of security, you may want to protect the file with encryption. Encryption makes it nearly impossible for an unauthorized person to view your stored sensitive information.</p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissections">
<p>In this section:</p>
<p><a href="#encrypt_on">Encrypting Stored Sensitive Information</a></p>
<p><a href="#encrypt_master">Setting a Personal Security Password</a></p>
<p><a href="#encrypt_change">Changing Your Personal Security Password</a></p>
<p><a href="#encrypt_logout">Logging Out of Your Personal Security Password</a></p>
<p><a href="#encrypt_forget">What to Do If You Forget Your Personal Security Password</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="encrypt_on"></a>
<h2>Encrypting Stored Sensitive Information</h2>
<p>To choose encryption:</p>
<ol>
<li>Open the Edit menu and choose Preferences.
<li>Under the Advanced category, choose Passwords.
<li>In the Encrypting versus Obscuring section, select "Use encryption when storing sensitive data." Remove the checkmark to turn encryption off.
<li>Click OK. A new dialog box appears and leads you through the process of choosing a Personal Security password.
</ol>
<p>&nbsp;</p>
<a NAME="encrypt_master"></a>
<h2>Setting a Personal Security Password</h2>
<p>If you choose encryption, you'll need a Personal Security Password. You can set your Personal Security Password by using the Personal Security Manager. With encryption selected, you'll be asked for your Personal Security Password at least once during a Netscape 6 session in which you access any of your stored sensitive information.</p>
<p>If you choose encryption, but don't already have a Personal Security Password, you'll be prompted to create one the first time you try to save or retrieve your sensitive information.</p>
<p>&nbsp;</p>
<a NAME="encrypt_change"></a>
<h2>Changing Your Personal Security Password</h2>
<ol>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Password Manager.</li>
<li>Select Change Personal Security Password from the submenu. You see the Personal Security Manager.
<li>Enter your current Personal Security Password and click OK.</li>
<li>Enter your new Personal Security Password, and retype it to confirm the spelling.</li>
</ol>
<p>&nbsp;</p>
<a NAME="encrypt_logout"></a>
<h2>Logging Out of Your Personal Security Password</h2>
<p>Normally, you are asked for your Personal Security Password once during each Netscape 6 session in which you access any of your stored sensitive information. However, you can log out of your Personal Security Password so that it must be entered again before any sensitive information can be stored or retreived. This is useful if you are going to leave your computer unattended for a period of time.</p>
<p>To log out of your Personal Security Password:</p>
<ol>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Password Manager.
<li>Select Log Out from the submenu.</li>
</ol>
<p>&nbsp;</p>
<a NAME="encrypt_forget"></a>
<h2>What to Do If You Forget Your Personal Security Password</h2>
<p>If you forget your Personal Security Password, you may have to reset it. In this case, you will need to clear all the sensitive information stored by Password Manager and Form Manager, because without your original Personal Security Password you will not be permitted to use the information.
<p>To reset your Personal Security password:
<ol>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Security Manager.
<li>The Personal Security Manager window appears. Click the Help button to read about what to do when you forget your Personal Security Password.
</ol>
<p>To clear all stored passwords and other sensitive information:
<ul>
<li>Open the Tasks menu, choose Privacy and Security, and then choose Password Manager.
<li>Select Clear Sensitive Information from the submenu.
</ul>
<p>After you clear the saved personal information, you must remember all the user names and passwords Password Manager had stored for you, so you can enter them when you visit the web sites that require them.</p>
<p>
[&nbsp;<A HREF="#sec_encrypt">Return to beginning of section</A>&nbsp;]
</p>
<hr>
<p><i>10/6/00</i></p>
<hr>
<p>Copyright &copy; 1994-2000 Netscape Communications Corporation.</p>
</body>
</html>

95
extensions/help/resources/locale/en-US/ssl_help.html Normal file
View File

@ -0,0 +1,95 @@
<html>
<head>
<title>SSL Settings</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="ssl_first"></a>
<h2>SSL Settings</h2>
<p><b>[intro text for Cert Manager goes here]</b></p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#SSL_Protocol_Versions">SSL Protocol Versions</a></p>
<p><a href="#SSL_Warnings">SSL Warnings</a></p>
<p><a href="#Client_Certificate_Selection">Client Certificate Selection</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="SSL_Protocol_Versions"></a>
<h3>SSL Protocol Versions</h3>
<p>The Secure Sockets Layer (SSL) protocol defines rules governing mutual authentication
between a web site and browser software and the encryption of information that flows
between them. The Transport Layer Security (TLS) protocol is an IETF standard based on
SSL.TLS 1.0 can be thought of as SSL 3.1.
<p>You should normally leave both SSL checkboxes and the TLS checkbox in the Options panel
selected to ensure that both older and newer web servers can support authentication and
encryption with Personal Security Manager.
<p>Some servers that do not implement SSL correctly cannot negotiate the SSL handshake with client software (such as Personal Security Manager) that supports TLS. To allow Personal Security Manager to use SSL with such TLS-intolerant servers, click the "Enable TLS" checkbox to deselect it.
<p>&nbsp;</p>
<a NAME="SSL_Warnings"></a>
<h3>SSL Warnings</h3>
<p>It's easy to tell when the web site you are viewing is using an encrypted connection.
If the connection is encrypted, the lock icon in the lower-right corner of the Navigator
window is locked. If the connection is not encrypted, the lock icon is unlocked.</P>
<p>For many people, the lock icon provides sufficient information about a page's
encryption status. If you want additional warnings, you can select one or more of
the warning checkboxes in the Navigator section of the Applications tab. Think
carefully about whether you want such warnings, since they can be annoying.
<p>These are the choices you can make about Navigator warnings:</P>
<ul>
<LI>If you want to be reminded whenever you are entering or leaving a web site
that supports encryption, select one or both of "Entering a site that supports
encryption" and "Leaving a site that supports encryption."
<LI>If you want to be warned when you are viewing pages containing a mix
of encrypted and unencrypted material (a situation in which the lock icon is unlocked),
select "Viewing a page with an encrypted/unencrypted mix
<LI>If you want some assurance that you won't inadvertently send sensitive
information to a web site that doesn't provide an encrypted connection, select
"Sending unencrypted information to a site." You may want to select this option
even if you don't want any of the others.
</ul>
<p>&nbsp;</p>
<a NAME="Client_Certificate_Selection"></a>
<h3>Client Certificate Selection</h3>
<p>You can decide how Navigator selects a certificate from among those you have on file to identify you to a web site:
<ul>
<LI>If you want Navigator to choose a certificate without asking you, click
Select Automatically. This is usually the preferred setting.
<LI>If you want Navigator to ask you to select a certificate each time a web site
requests one, click Select Manually.
</ul>
<p>
[&nbsp;<A HREF="#ssl_first">Return to beginning of SSL Settings section</A>&nbsp;]
</p>
<hr>
<p><i>3/22/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

95
extensions/help/resources/locale/en-US/ssl_help.xhtml Normal file
View File

@ -0,0 +1,95 @@
<html>
<head>
<title>SSL Settings</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="ssl_first"></a>
<h2>SSL Settings</h2>
<p><b>[intro text for Cert Manager goes here]</b></p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#SSL_Protocol_Versions">SSL Protocol Versions</a></p>
<p><a href="#SSL_Warnings">SSL Warnings</a></p>
<p><a href="#Client_Certificate_Selection">Client Certificate Selection</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="SSL_Protocol_Versions"></a>
<h3>SSL Protocol Versions</h3>
<p>The Secure Sockets Layer (SSL) protocol defines rules governing mutual authentication
between a web site and browser software and the encryption of information that flows
between them. The Transport Layer Security (TLS) protocol is an IETF standard based on
SSL.TLS 1.0 can be thought of as SSL 3.1.
<p>You should normally leave both SSL checkboxes and the TLS checkbox in the Options panel
selected to ensure that both older and newer web servers can support authentication and
encryption with Personal Security Manager.
<p>Some servers that do not implement SSL correctly cannot negotiate the SSL handshake with client software (such as Personal Security Manager) that supports TLS. To allow Personal Security Manager to use SSL with such TLS-intolerant servers, click the "Enable TLS" checkbox to deselect it.
<p>&nbsp;</p>
<a NAME="SSL_Warnings"></a>
<h3>SSL Warnings</h3>
<p>It's easy to tell when the web site you are viewing is using an encrypted connection.
If the connection is encrypted, the lock icon in the lower-right corner of the Navigator
window is locked. If the connection is not encrypted, the lock icon is unlocked.</P>
<p>For many people, the lock icon provides sufficient information about a page's
encryption status. If you want additional warnings, you can select one or more of
the warning checkboxes in the Navigator section of the Applications tab. Think
carefully about whether you want such warnings, since they can be annoying.
<p>These are the choices you can make about Navigator warnings:</P>
<ul>
<LI>If you want to be reminded whenever you are entering or leaving a web site
that supports encryption, select one or both of "Entering a site that supports
encryption" and "Leaving a site that supports encryption."
<LI>If you want to be warned when you are viewing pages containing a mix
of encrypted and unencrypted material (a situation in which the lock icon is unlocked),
select "Viewing a page with an encrypted/unencrypted mix
<LI>If you want some assurance that you won't inadvertently send sensitive
information to a web site that doesn't provide an encrypted connection, select
"Sending unencrypted information to a site." You may want to select this option
even if you don't want any of the others.
</ul>
<p>&nbsp;</p>
<a NAME="Client_Certificate_Selection"></a>
<h3>Client Certificate Selection</h3>
<p>You can decide how Navigator selects a certificate from among those you have on file to identify you to a web site:
<ul>
<LI>If you want Navigator to choose a certificate without asking you, click
Select Automatically. This is usually the preferred setting.
<LI>If you want Navigator to ask you to select a certificate each time a web site
requests one, click Select Manually.
</ul>
<p>
[&nbsp;<A HREF="#ssl_first">Return to beginning of SSL Settings section</A>&nbsp;]
</p>
<hr>
<p><i>3/22/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

38
extensions/help/resources/locale/en-US/ssl_page_info_help.html Normal file
View File

@ -0,0 +1,38 @@
<html>
<head>
<title>SSL Page Info Help</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="cert_dialog_help_first"></a>
<h1>SSL Page Info</h1>
<p><b>[intro text]</b></p>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#Not_Verified_Not Encrypted">Identity Not Verified—Connection Not Encrypted</a></p>
<p><a href="#Verified_Encrypted">Identity Verified—Connection Encrypted</a></p>
<p><a href="#Conditionally_Verified_Encrypted">Identity Conditionally Verified—Connection Encrypted</a></p>
<p><a href="#Verified_Not Encrypted">Identity Verified—Connection Not Encrypted
</a></p>
<p><a href="#Conditionally_Verified_Not_Encrypted">Identity Conditionally Verified—Connection Not Encrypted</p></td>
</tr>
</table>
<p><b>[text to come]</b>
<hr>
<p><i>2/5/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

143
extensions/help/resources/locale/en-US/using_certs_help.html Normal file
View File

@ -0,0 +1,143 @@
<html>
<head>
<title>Browser Help</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="using_certs_first"></a>
<h1>Using Certificates</h1>
<p>A certificate is the digital equivalent of an ID card. Just as you may have several ID cards for different purposes, such as a driver's license, an employee ID card, or a credit card, you can have several certificates that are used to identify you for different purposes.</p>
<P>In addition to certificates that identify you, your browser can keep certificates on file that identify other people or organizations. These allow you to control, for example, which web sites you trust for financial transactions.</P>
<P>This section describes how to examine and configure the certificates you have on file. For an overview of the way certificates work, see <b>[xref to Certificates and Network Security].</b> When you are using Certificate Manager windows, you can also obtain more detailed instructions by clicking the Help button in the lower-right corner of each window.</P>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#using_certs_get">Get Your Own Certificate</a></p>
<p><a href="#using_certs_info">Check Security for a Web Page</a></p>
<p><a href="#using_certs_manage">Manage Certificates</a></p>
<p><a href="#using_certs_devices">Manage Smart Cards and Other Security Devices</a></p>
<p><a href="#using_certs_ssl">View or Change SSL Settings</a></p>
<p><a href="#using_certs_validation">View or Change Certificate Validation Settings</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="using_certs_get"></a>
<h2>Get Your Own Certificate</h2>
<P>Much like a credit card or a driver's license, a <i>certificate</i> is a form of identification you can use to identify yourself over the Internet and other networks. Like other commonly used personal IDs, a certificate is typically issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a <i>certificate authority.</i>
<p>Once you have obtained a certificate, you store it in a <i>security device.</i> Your browser comes with its own built-in software security device. A security device can also be a piece of hardware, such as a smart card.</p>
<p>To get a certificate, go to the URL for any certificate authority and follow the on-screen instructions for obtaining a certificate. For a list of certificate authorities, see <a href="https://certs.netscape.com/" TARGET="_blank">Client Certificates</a>. </p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_info"></a>
<h2>Check Security for a Web Page</h2>
<p><b>[describes the lock icon and how to open Page Info for a given web page.]</b></p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_manage"></a>
<h2>Manage Certificates</h2>
<p><b>[describes how to open the Cert Manager.]</b></p>
<p><a HREF="#using_certs_my">Manage Certificates that Identify You</a><br>
<a HREF="#using_certs_sites">Manage Certificates that Identify Web Sites</a><br>
<a HREF="#using_certs_cas">Manage Certificates that Identify Certificate Authorities</a>
<p>&nbsp;</p>
<a NAME="using_certs_my"></a>
<H3>Manage Certificates that Identify You</H3>
<p><b>[Describes how to open the Cert Manager to the first tab, how to select one or more certs, and how to examine, back up, delete, and restore certs.]</b></p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_sites"></a>
<H3>Manage Certificates that Identify Web Sites</H3>
<p><b>[Describes how to open the Cert Manager to the third tab, how to select one or more certs, how to edit the settings for selected web site certs, and how to delete selected web site certs.]</b></p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_cas"></a>
<H3>Manage Certificates that Identify Certificate Authorities</H3>
<p><b>[Describes how to open the Cert Manager to the fourth tab, how to select one or more certs, how to edit the settings for selected CA certs, and how to delete selected CA certs.]</b></p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_devices"></a>
<h2>Manage Smart Cards and Other Security Devices</h2>
<p><b>[Describes how to open the Cert Manager to the fifth tab and how to add, delete, log into, or log out of security modules and devices.]</b></p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_ssl"></a>
<h2>Edit SSL Settings</h2>
<p><b>[Describes how to use SSL preferences.]</b></p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_validation"></a>
<h2>Edit Validation Settings</h2>
<p><b>[Describes how use Validation Preferences.]</b></p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<hr>
<p><i>2/12/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

143
extensions/help/resources/locale/en-US/using_certs_help.xhtml Normal file
View File

@ -0,0 +1,143 @@
<html>
<head>
<title>Browser Help</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="using_certs_first"></a>
<h1>Using Certificates</h1>
<p>A certificate is the digital equivalent of an ID card. Just as you may have several ID cards for different purposes, such as a driver's license, an employee ID card, or a credit card, you can have several certificates that are used to identify you for different purposes.</p>
<P>In addition to certificates that identify you, your browser can keep certificates on file that identify other people or organizations. These allow you to control, for example, which web sites you trust for financial transactions.</P>
<P>This section describes how to examine and configure the certificates you have on file. For an overview of the way certificates work, see <b>[xref to Certificates and Network Security].</b> When you are using Certificate Manager windows, you can also obtain more detailed instructions by clicking the Help button in the lower-right corner of each window.</P>
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#using_certs_get">Get Your Own Certificate</a></p>
<p><a href="#using_certs_info">Check Security for a Web Page</a></p>
<p><a href="#using_certs_manage">Manage Certificates</a></p>
<p><a href="#using_certs_devices">Manage Smart Cards and Other Security Devices</a></p>
<p><a href="#using_certs_ssl">View or Change SSL Settings</a></p>
<p><a href="#using_certs_validation">View or Change Certificate Validation Settings</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<a NAME="using_certs_get"></a>
<h2>Get Your Own Certificate</h2>
<P>Much like a credit card or a driver's license, a <i>certificate</i> is a form of identification you can use to identify yourself over the Internet and other networks. Like other commonly used personal IDs, a certificate is typically issued by an organization with recognized authority to issue such identification. An organization that issues certificates is called a <i>certificate authority.</i>
<p>Once you have obtained a certificate, you store it in a <i>security device.</i> Your browser comes with its own built-in software security device. A security device can also be a piece of hardware, such as a smart card.</p>
<p>To get a certificate, go to the URL for any certificate authority and follow the on-screen instructions for obtaining a certificate. For a list of certificate authorities, see <a href="https://certs.netscape.com/" TARGET="_blank">Client Certificates</a>. </p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_info"></a>
<h2>Check Security for a Web Page</h2>
<p><b>[describes the lock icon and how to open Page Info for a given web page.]</b></p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_manage"></a>
<h2>Manage Certificates</h2>
<p><b>[describes how to open the Cert Manager.]</b></p>
<p><a HREF="#using_certs_my">Manage Certificates that Identify You</a><br>
<a HREF="#using_certs_sites">Manage Certificates that Identify Web Sites</a><br>
<a HREF="#using_certs_cas">Manage Certificates that Identify Certificate Authorities</a>
<p>&nbsp;</p>
<a NAME="using_certs_my"></a>
<H3>Manage Certificates that Identify You</H3>
<p><b>[Describes how to open the Cert Manager to the first tab, how to select one or more certs, and how to examine, back up, delete, and restore certs.]</b></p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_sites"></a>
<H3>Manage Certificates that Identify Web Sites</H3>
<p><b>[Describes how to open the Cert Manager to the third tab, how to select one or more certs, how to edit the settings for selected web site certs, and how to delete selected web site certs.]</b></p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_cas"></a>
<H3>Manage Certificates that Identify Certificate Authorities</H3>
<p><b>[Describes how to open the Cert Manager to the fourth tab, how to select one or more certs, how to edit the settings for selected CA certs, and how to delete selected CA certs.]</b></p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_devices"></a>
<h2>Manage Smart Cards and Other Security Devices</h2>
<p><b>[Describes how to open the Cert Manager to the fifth tab and how to add, delete, log into, or log out of security modules and devices.]</b></p>
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_ssl"></a>
<h2>Edit SSL Settings</h2>
<p><b>[Describes how to use SSL preferences.]</b></p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<p>&nbsp;</p>
<a NAME="using_certs_validation"></a>
<h2>Edit Validation Settings</h2>
<p><b>[Describes how use Validation Preferences.]</b></p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Using Certificates section</A>&nbsp;]
</p>
<hr>
<p><i>2/12/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

28
extensions/help/resources/locale/en-US/validation_help.html Normal file
View File

@ -0,0 +1,28 @@
<html>
<head>
<title>Validation Settings</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="certs_first"></a>
<h1>Validation Settings</h1>
<p><b>[text to come]</b></p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<hr>
<p><i>2/5/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>

28
extensions/help/resources/locale/en-US/validation_help.xhtml Normal file
View File

@ -0,0 +1,28 @@
<html>
<head>
<title>Validation Settings</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
</head>
<body bgcolor="white">
<a NAME="certs_first"></a>
<h1>Validation Settings</h1>
<p><b>[text to come]</b></p>
<p>
[&nbsp;<A HREF="#certs_first">Return to beginning of Certificate Manager section</A>&nbsp;]
</p>
<hr>
<p><i>2/5/2001</i></p>
<p>Copyright &copy; 1994-2001 Netscape Communications Corporation.</p>
</body>
</html>