Restricting Website access with Certificates

["Phil de Bruin" <malibuphil () hotmail com>]

Hi All,

We've developed a website for Business to Business use and need to secure it 
so
that it can only be accessed from designated computers throughout the world.
We have heard that this can be achieved by using client certificates to 
restrict access to
a website. We're using MS IIS5.0.

What I really would like to know is where to start???
What type of certificate do I require?
One on the server and then a client certificate to be distributed 
appropriately?
If the client certificate is installed can it be set so it cannot be 
exported??
How can I achieve this?

Thanks!

_________________________________________________________________
Check out news, entertainment and more @  http://xtra.co.nz/broadband