Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Securing isqlplus
Frank wrote:
> Alison Holloway wrote:
> > Daniel Morgan wrote:
> >
> >>
> >> You also said that after purchasing Oracle software one must
> >> separately negotiate the purchase
> >> of a certificate from a CA company. Which I translate into meaning
> >> that you are selling an
> >> insecure product in the same way that IBM's DB/2 requires Tivoli or
> >> similar third-party
> >> products.
> >>
> >> Have I misunderstood? And if not why can't Oracle bundle what I need
> >> onto the CD? I can tell
> >> you with little hesitation of being contradicted that if my original
> >> interpretation is correct
> >> it does not bode well for the future.
> >> --
> >> Daniel Morgan
> >> http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
> >> damorgan_at_x.washington.edu
> >> (replace 'x' with a 'u' to reply)
> >>
> >>
> >
> > I'm not sure that you fully understand how CAs/certificates work. A
> > certificate shouldn't be issued by a company such as Oracle, but by a
> > certification authority (CA). Oracle is not a CA and does not want to
> > become one. A CA is a member of a trusted hierarchy, and issues a
> > certificate to authenticate the server/company/person.
>
> It is my understanding Microsoft is a CA.
> (...)
> --
> Regards, Frank van Bortel
If that is true ... it certainly proves my point. Why can Microsoft do this an Oracle not?
-- Daniel Morgan http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp damorgan_at_x.washington.edu (replace 'x' with a 'u' to reply)Received on Wed May 21 2003 - 16:08:13 CDT