Innopac Archive Index (by Date)

[ List Archives Home ] [ Thread index for 2008 ] [ Date index for 2008 ] [ Author index for 2008 ]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Date: Wed, 16 Aug 2000 08:26:08 -0400
From: Tom Klingler <tk@xxxxxxxxxx>
Subject: Re: WebOPAC and encryption

>--On Tuesday, August 15, 2000 9:55 AM -0600 Kim Crowley 
><crowley@xxxxxxxxxx> wrote:
>
>>He claims that a sniffer somewhere on the web could garner his customer
>>information that he has accessed by putting in his name and library
>>card #.  Does that customer information (name, phone#, address) actually
>>"travel" across the Internet or is the only thing that can be hacked his
>>library card # and name that he inputs to gain access.
>
>If he is using View Patron Record, his name/address/phone is 
>travelling across the Internet unencrypted and it would be possible 
>for a properly-placed third party to sniff that information off the 
>network.  One would really have to try hard to get it, though.
>
>Someone else mentioned getting a certificate from Verisign to enable 
>secure communications.  The INNOPAC WebPAC, though, would have to 
>support the SSL protocol in order to make use of the certificate, 
>though.  That is an enhancement that has been asked for a number of 
>times, it even might have been on last year's IUG list, but I 
>haven't heard of Innovative doing the development work yet.
>
>I *THINK* (someone correct me if I'm wrong), that Verisign must 
>"certify" web server software as 'secure' in order to have 
>certificates generated for sites using that server software.  That 
>is what held up Apache server's SSL certificates for a while.  Since 
>WebPAC isn't using a commonly used web server, Innovative may have 
>to go through the process of having their software certified by 
>Verisign.
>
>
>Peter
>--
>Peter Murray, Computer Services Librarian              W: 860-570-5233
>University of Connecticut Law School             Hartford, Connecticut
>


8-16-00

FWIW, at ALA Annual in Chicago, a III product manager assured me that 
SSL is coming to the WebPAC.  No date yet.

TK

----------------------------------------
Tom Klingler
Systems Dept.
Libraries & Media Services
Kent State University
Kent, OH.
U.S.A.
44242-0001

330-672-1646
330-672-4811(fax)
tk@xxxxxxxxxx
------------------------------------------------------------------
The sooner you fall behind, the more time you'll have to catch up.
--Steven Wright
------------------------------------------------------------------
--
This message was distributed through the Innovative Users Group INNOPAC list.
Private replies:  Tom Klingler <tk@xxxxxxxxxx>
Public replies:   INNOPAC@xxxxxxxxxx
Archives:  http://innopacusers.org/list/archives/

References:
- Re: WebOPAC and encryption
  - From: Peter Murray <PMurray@xxxxxxxxxx>

Prev by Date: Re: WebOPAC and encryption
Next by Date: "Repeat as Word Search" interaction with AVS Keyword (fwd)
Prev by thread: Re: WebOPAC and encryption
Next by thread: Re: WebOPAC and encryption
Index(es):
- Date
- Thread

Re: WebOPAC and encryption