Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Securing isqlplus

Re: Securing isqlplus

From: Daniel Morgan <damorgan_at_exxesolutions.com>
Date: Wed, 21 May 2003 14:08:13 -0700
Message-ID: <3ECBEABD.4DB44528@exxesolutions.com>


Frank wrote:

> Alison Holloway wrote:
> > Daniel Morgan wrote:
> >
> >>
> >> You also said that after purchasing Oracle software one must
> >> separately negotiate the purchase
> >> of a certificate from a CA company. Which I translate into meaning
> >> that you are selling an
> >> insecure product in the same way that IBM's DB/2 requires Tivoli or
> >> similar third-party
> >> products.
> >>
> >> Have I misunderstood? And if not why can't Oracle bundle what I need
> >> onto the CD? I can tell
> >> you with little hesitation of being contradicted that if my original
> >> interpretation is correct
> >> it does not bode well for the future.
> >> --
> >> Daniel Morgan
> >> http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
> >> damorgan_at_x.washington.edu
> >> (replace 'x' with a 'u' to reply)
> >>
> >>
> >
> > I'm not sure that you fully understand how CAs/certificates work. A
> > certificate shouldn't be issued by a company such as Oracle, but by a
> > certification authority (CA). Oracle is not a CA and does not want to
> > become one. A CA is a member of a trusted hierarchy, and issues a
> > certificate to authenticate the server/company/person.
>
> It is my understanding Microsoft is a CA.
> (...)
> --
> Regards, Frank van Bortel

If that is true ... it certainly proves my point. Why can Microsoft do this an Oracle not?

--
Daniel Morgan
http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
damorgan_at_x.washington.edu
(replace 'x' with a 'u' to reply)
Received on Wed May 21 2003 - 16:08:13 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US