Educause Security Discussion mailing list archives
Re: Poll: Encrypted Authentication
From: Brad Judy <Brad.Judy () COLORADO EDU>
Date: Mon, 16 Apr 2007 18:31:58 -0600
The University of Colorado at Boulder has been requiring encrypted authentication for central services since Jan 2003 (wow, has it been more than four years already?). Flipping the switch takes a lot of communications, testing, documentation, etc, and we postponed our initial deadline, but it's great to have had it in place for the past few years. Given the current state of clients, making the move should be easier now then it was in early 2003. Having to do client software upgrades should be very rare now. You can see some of our end-user documentation here: http://www.colorado.edu/its/security/encauth/ It's from 2003, so it doesn't include newer clients. Using encryption has been integrated into our general setup documents for all of our e-mail clients (current docs here: http://www.colorado.edu/its/docs/email/culink/programs/) and the older pages were just for the conversion. This policy mentions encrypted authentication in item 7 - http://www.colorado.edu/its/docs/policies/accesspolicy.html Brad Judy IT Security Office Information Technology Services University of Colorado at Boulder
-----Original Message----- From: Christopher Penido [mailto:chris.penido () NYU EDU] Sent: Monday, April 16, 2007 2:18 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Poll: Encrypted Authentication Hi everyone, In preparation for some potential policy development, we would like to take an informal poll. Whose institutions require clients to use encrypted protocols for applications which rely on central authentication (i.e., POP/IMAP over SSL, SSH, SSL for web page authentication)? Where possible, please include links to your University's related policies. Thank you, Christopher Penido =================================== Christopher Penido Network Security Analyst NYU \ ITS Technology Security Services \ security () nyu edu chris.penido () nyu edu ----------------------------------------------- Home @ http://security.nyu.edu Alerts @ http://security.nyu.edu/alerts News @ http://security.nyu.edu/news ===================================
Current thread:
- Poll: Encrypted Authentication Christopher Penido (Apr 16)
- <Possible follow-ups>
- Re: Poll: Encrypted Authentication Joel Rosenblatt (Apr 16)
- Re: Poll: Encrypted Authentication Michael Sinatra (Apr 16)
- Re: Poll: Encrypted Authentication Richard Gambrell (Apr 16)
- Re: Poll: Encrypted Authentication Brad Judy (Apr 16)
- Re: Poll: Encrypted Authentication Conor McGrath (Apr 16)
- Re: Poll: Encrypted Authentication Matthew Gracie (Apr 17)