The Security Info window gives information about keeping items secure, including web pages and messages that you send and receive. It also has information about the current security status of a particular item when it is selected in a window.
You can go to the Security Info window only from a window with a padlock icon in the bottom-left corner. If the padlock is locked, the selected item or contents in a window and your connection are encrypted. (An encrypted item is scrambled so that no one between the sender's computer and your computer can read the message or the information.) Some messages include a signed digital certificate that verifies the sender. Messages can be encrypted or signed, or both.
To open the Security Info window and choose a topic: Click the padlock icon, or open the Communicator menu, choose Tools, then Security Info. You see security information about the window or a selected item in the window. You can select other topics.
To view security information about a web page: Click the padlock icon while viewing a web site and Security Info will display the status of the web page. To see additional information about the page, click Open Page Info (encrypted and unencrypted pages). Click View Certificate (on encrypted pages only) to view the contents of the digital certificate.
Warning After the Browser Window displays an encrypted page, your disk cache retains an unencrypted copy of the page. Anyone with access to your Netscape disk cache can view the contents of the page.
To view security information about a specific mail server or news server: Click the padlock icon in the Messenger window and Security Info will display the status of the mail server connection. Click the View button for more information about the identity of the message sender.
To view security about specific messages already received: Select a mail or newsgroup message in the Messenger window. Click the padlock icon and Security Info will display the status of the message. If you select a newsgroup message, you also get security information about the news server.
See Troubleshooting if: you cannot decrypt a web page, you get a warning about possible message tampering, you are having trouble sending an encrypted message or forwarding an encrypted message.
A certificate is a unique digital ID that can be used to verify the identity of a person, web site, or JavaScript/Java Applet. The certificate always includes a public key, the name of the entity it identifies, an expiration date, the name of the certificate authority (CA) that issued the certificate, the digital signature of the CA, and a serial number. These certificates use public key cryptography to sign and authenticate signatures and are protected by public and private key pairs linked by cryptographic algorithms. These keys have the ability to encrypt and decrypt information.
To get more information about certificates: Open the Security Info window by clicking the padlock icon, then select Certificates.
To get your own certificates: Open the Security Info window by clicking the padlock icon, select Certificates, then Yours. Scroll to the bottom of the window and click Get Certificate. In response, Netscape Navigator connects you to a certificate authority (CA) that issues certificates.
If you use several computers, or switch computers, you must use the Import and Export features to transfer you certificates. To use encryption, you must have your certificates on the computer that you are using.
To import your certificates from another computer: Open the Security Info window by clicking the padlock icon, select Certificates, then Yours. Scroll to the bottom of the window and click Import a Certificate. If you have not set up a password, you are urged to do it. Then choose the file that contains your certificate and click OK.
To export your certificates: Open the Security Info window by clicking the padlock icon, select Certificates, then Yours. Scroll to the bottom of the window and click Export.
In a Composition window, click the padlock icon. The Security Info window displays information about whether you can encrypt or digitally sign this message. Follow the instructions for getting a recipient's certificate or checking the option to send yours.
See Troubleshooting if you are having problems encrypting or signing messages.
To view, verify, or delete your certificates: Open the Security Info window by clicking the padlock icon, select Certificates, then Yours. Choose a Certificate from the list then click View, Verify, or Delete.
To view, edit, verify, or delete certificates sent to you in mail messages: Open the Security Info window by clicking the padlock icon, select Certificates, then People. Choose a certificate from the list, then click View/Edit, Verify, or Delete. If you click View/Edit, you can view information about the certificate authority and change options about accepting the certificates that it issues or about sending messages to sites that it certifies.
To edit, verify, or delete signers' certificates: Open the Security Info window by clicking the padlock icon, select Certificates, then Signers. Choose a certificate from the list, then click View/Edit, Verify, or Delete. If you click Edit, you can view information about the certificate authority and change options about accepting the certificates that it issues or about sending messages to sites that it certifies.
You may need to use a password to prevent people with access to your computer from using your certificates without your knowledge.
To choose or change a password: Open the Security Info window by clicking the padlock icon, then select Passwords. Follow the directions in the window. Click More Info for additional information about choosing a password. After you choose your password and click OK, you will be prompted to select an option that tells Communicator when to ask for your password.
If you forget your password or if someone else set it, go to Troubleshooting.
Netscape has warning options that alert you to possibly unsafe situations. To configure these options, open the Security window by clicking the padlock icon, then select Navigator.
Check the warnings you want displayed. It is a good idea to keep all these alerts as reminders. Here's why:
Entering an encrypted site: Because the pages are decrypted without your intervention, you may want to clean up or secure downloaded files upon completion of your session.
Leaving an encrypted site: You may want to remove decrypted files left on your local drive. Web pages are encrypted only during transmission.
Viewing a page with an encrypted/unencrypted mix: If you feel that your system is not protected, you may not want to open this page.
Sending unencrypted information to a site: This warning reminds you not to submit unencrypted forms or information through email.
After you have checked the warnings you want to display, click the pop-up menu to choose what you want Navigator to do when a web site asks for your certificate. If you visit multiple web sites that require different types of certificate, choose Ask Every Time. Otherwise, choose Select Automatically.
Warning: Do not change the options or click the buttons for Advanced Security (SSL) Configuration unless you have specialized knowledge.
To set preferences for sending messages securely: Open the Security Info window by clicking the padlock icon, the select Messenger. Check the security measures you want followed. To encrypt messages, you must have a security certificate for the recipient. To sign messages, you must have your own certificate.
To choose or change the certificate to include with your messages: Open the Security Info window by clicking the padlock icon, the select Messenger. Select the certificate, if there's more than one. To make your certificate available on a directory so that anyone with access to it can send you encrypted messages, click Send Certificate to Directory and select a directory.
Warning: Do not click Select S/MIME Ciphers unless you understand S/MIME well.
You can try to verify the certificates of Java applets and JavaScripts by reviewing them. You change their access privileges and even delete a certificate to end automatic downloading of the signer's applets or scripts. If Communicator asks your approval to download an applet or script, see Troubleshooting about what to do.
To review information in a Java applet or JavaScript certificate: Open the Security Info window by clicking the padlock icon, the select Java/JavaScript. Choose a certificate, and click View Certificate.
To change access privileges: Open the Security Info window by clicking the padlock icon, the select Java/JavaScript. Select a certificate, and click Edit Privileges. The Java Security Target Details Dialog Box appears. It provides detailed information about the kind of access a Java applet or JavaScript has or is requesting. You can choose the privileges you want to grant for this session or future sessions.
To stop automatic access and require your approval: Open the Security Info window by clicking the padlock icon, the select Java/JavaScript. Select a certificate, and click Remove.
Cryptographic Modules are loadable pieces of software that provide a function of cryptographic services, such as smart card support, specialized key-distribution schemes, and FIPS compliance.
To view and edit security modules: Open the Security Info window by clicking the padlock icon, then select Cryptographic Modules. Choose a module, and click View/Edit.
To add a security module: Open the Security Info window by clicking the padlock icon, then select Cryptographic Modules. Click Add, and type a module name and path.
To delete a security module: Open the Security Info window by clicking the padlock icon, then select Cryptographic Modules. Select a module, and click Delete. You are asked to confirm the delete. Read the information carefully before you click OK.
To log out from the security modules: Open the Security Info window by clicking the padlock icon, then select Cryptographic Modules. Click Logout All.