You usually can't add to the list of trusted CA's on a device like the iPhone. So i find the trick is to find out which SSL cert publishers it does trust and just stick with that. If you could let us know the issue you are trying to solve then we can start to help you out.
-BenN On Fri, Aug 21, 2009 at 7:12 AM, Maglinger, Paul <pmaglin...@scvl.com>wrote: > As the Security Admin and I are still trying to get the > hell-spawned-demonic-iPhone-from-the-putrid-cesspool-of-caustic-industri > al-waste-products to work through our ISA, we referred back to the ISA > 2006 Migration Guide by Syngress. The SA came in the morning and showed > me the following section in the book: > > "The topic of Certificate Authorities (CAs)and PKI (Public Key > Infrastructure) is usually enough to drive many administrators away from > even considering SSL. There are a number of reasons for this: > - The available documentation on certificate authorities and PKI, in > general, is difficult to understand. > - The subject has the potential to be extremely complex. > - You need to learn an entirely new vocabulary to understand the CAs > and PKI. Often the documentation on these subjects doesn't define the > new words, or they use equally arcane terms to define the arcane term > for which you're trying to get the definition. > - There doesn't seem to be any support for the network and firewall > administrator who just wants to get a CA setup and running so that he > can use certificates for SSL and L2TP/IPSec authentication and > encryption." > > > Boy, that just seems to sew it up in a nutshell, doesn't it? You'd > think that if this opinion is as common as I believe it to be, somebody > out there could simplify the process somewhat... > > *thunk* *thunk* *thunk* (head banging against desk...) > > > Paul > ________________________________ > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
