About Security: Difference between revisions

From Cibernética Americana
Jump to navigationJump to search
No edit summary
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 9: Line 9:
In Communications ...
In Communications ...
<blockquote align=justify>
<blockquote align=justify>
You are probably already familiar by now with the two common means of authenication and privacy over the internet: logging in with a password and user id known only to you and the party you are communicating with and the use of secure connections signalled usually by a lock icon on the status bar of your browser&sup1;.
You are probably already familiar by now with the two common means of authenication and privacy over the internet: logging in with a password and user id known only to you and the party you are communicating with and the use of secure connections signaled usually by indicators on the location bar of your browser.
<br><br>
<br><br>
Additional measures&sup2; may in the future be required for some uses.
In any case, the URI should show https not http though some browsers may have scary indicators or intermediate pages to accompany their scary indicators. The important distinction is between https amd http  indicating an encrypted connection. The encryption is the same, it is simply that the browser doesn't trust the certificate, but  it usually will permit use once you OK the exception.
<br><br>
In any case, the lock icon should show as locked though some browsers may draw a line through the lock or the like to accompany their scary pop-ups. The important distinction is between the lock in the open state indicating an unencrypted connection and the locked state indicating a secure (encrypted) one.
<br><br>
<br><br>
</blockquote>
</blockquote>
Line 19: Line 17:
<blockquote>
<blockquote>
  The encryption mechanisms above are augmented by bank verification. All entitled users are either identified real persons or group or corporate constructs who are mapped to real persons by virtue of their traceability thru the international financial system.
  The encryption mechanisms above are augmented by bank verification. All entitled users are either identified real persons or group or corporate constructs who are mapped to real persons by virtue of their traceability thru the international financial system.
</blockquote>
In some DevOps contexts ...
<blockquote>
Security measures applied generally for AKPERSONs will suffice for DevOps users as far as DS contexts are concerned. However it's not uncommon for third parties to require certs for
various development and production purposes, so you may need to provide one or use one provided by them. We don't at this time act as a CA.
<br><br>
</blockquote>
</blockquote>
<a href=http://pgp.mit.edu/>pgp.mit.edu</a>
<a href=http://pgp.mit.edu/>pgp.mit.edu</a>
Line 34: Line 38:
<td>
<td>
<div align=right>
<div align=right>
<img src=https://meansofproduction.biz/images/qthush.gif>
<img title="Q.T., Quincy, and Shamus" src=https://meansofproduction.biz/images/qthush.gif>
</div>
</div>
</td>
</td>
</tr></table>
</tr></table>
<hr>
<hr>
<font size=1>
&sup1;<blockquote>
For transparent and easiest use of our secure server you must install the certificate sent when you register. This also provides the highest level of security for your activities here. Without this certificate installed, you will get a scary notice from your browser about our claiming to be us with which you may also be familiar.
<br><br>
If you do not use the certificate, you will have to log or sign in to a log-in point. Our domain management software will then manage your log-ins to integral spaces but you may continue to get notifications from  your browser if the certificate is not installed. Note that you install certificates in browsers, not operating systems, and not all browsers have faciliities to accept certificates.
</blockquote>
&sup2;<blockquote>
In addition to above, and for the same reasons, use of an authentication agent (pageant, ssh-agent).
</blockquote>
</blockquote>
</font>
</font>
</html>
</html>

Latest revision as of 20:47, 26 March 2024

In Domain Spaces ...

See the TLS Autonomy Notice for the basic policy which is realized operationally in domain spaces.

A fundamental adjust is required to use a name space other than what you from the powers that be. It can be easy or hard depending on your individual disposition. We try to make it easy but without shitting you about the realities.

In Communications ...

You are probably already familiar by now with the two common means of authenication and privacy over the internet: logging in with a password and user id known only to you and the party you are communicating with and the use of secure connections signaled usually by indicators on the location bar of your browser.

In any case, the URI should show https not http though some browsers may have scary indicators or intermediate pages to accompany their scary indicators. The important distinction is between https amd http indicating an encrypted connection. The encryption is the same, it is simply that the browser doesn't trust the certificate, but it usually will permit use once you OK the exception.

In Identity Authentication ...

The encryption mechanisms above are augmented by bank verification. All entitled users are either identified real persons or group or corporate constructs who are mapped to real persons by virtue of their traceability thru the international financial system.

In some DevOps contexts ...

Security measures applied generally for AKPERSONs will suffice for DevOps users as far as DS contexts are concerned. However it's not uncommon for third parties to require certs for various development and production purposes, so you may need to provide one or use one provided by them. We don't at this time act as a CA.

pgp.mit.edu

There are two keys there under "Juan Daugherty" on 2011-08-12, both me but I don't remember the secret for the older one.

See also:

Retrieved from "https://eg.meansofproduction.biz/eg/index.php?title=About_Security&oldid=24184"