Although the underlying cryptographic principles are the same,
the above is very different from the way public CAs work.
The difference is simply that Harbor offers a business the chance to
become and manage its own CA.
Trust ONLY works if the CA is the natural trust body. The
reason is that if we believe in the credibility of the CA in a
specific area, then we trust the certificates it issues in that
area. If a university had a Harbor CA, then the certificates it
issues are in fact degrees, and if a graduate then signed email or
correspondence with that certificate, there is absolutely no
doubt that it's real.
Notice that it's specialized: the university can't issue pilot
certificates. That's why public CAs don't work: they are too
general.
In contrast, if you bought a public CA certificate and sent an EXE
file to us via email (securely) with the instructions to run it,
there is no way that we would. We don't care that the public CA
has identified you. Who are you? Why should we trust you?
On a web site, when people enter a secure page (or not), the
thing they are really trusting is the brand name, i.e. when the
site address is Microsoft.com or Walmart.com. Not many people stop
to look at certificates; they mean nothing to them.
Public CAs sell secure communications, not trust, and this is the
reason that software signed with a public CA identity actually
means very little unless you know the supplier already, in which
case one wouldn't bother with software signatures anyway.
That system only works if a natural trust body is behind it.
On the web, public CAs are still useful, and IT admin staff use them to get
a secure pipe, which is not possible without buying one.
It makes sure that the secure communication is with the legitimate
server, and that ensures that communications are only with their
servers. This of course assumes public CAs are actually doing a good
job, but we don't have too many choices; it's all that is out there.
This creates a little bit of a dilemma with the two different
certificate schemes, because if a business is a natural
trust body, and becomes a CA and closes the trust loop, it
certainly doesn't want public CAs to contaminate that system. We
can't have a public CA cert saying that Mr A is a bank customer, or
does have a degree, or does have the credit to purchase a car, or
can buy prescription drugs.
This problem almost led to the splitting of Harbor into a trusted
and an un-trusted version. Fortunately, some extreme creative thinking
solved all these problems.
So, in practical terms it comes down to this...
An IT manager wants legacy SSL to work. They present a secure site
to the user, and because the user is inferring trust from the
domain name, and most are swayed by the little security icons that
come on, all they want to ensure is that secure communication is
with their server. These IT managers do not want the software
crippled as it is, for example, in Web Start or Java applets, which won't
run without a digital signature. They say it's redundant
duplication: if the user trusts the site, and thus the company,
and the software can only come from the company's servers, what's
the point of signing the software again? It's already protected by the
site. These IT managers don't want anything else to happen. They
don't want certificates to display, or any warnings; they just
want the software to run.
For this reason Harbor is completely SSL enabled, and will
behave exactly like that from a web site.
At the other end of the spectrum, businesses interested in
closing the trust loop are saying: anything signed by a public CA
is null and void, we don't recognize it, and we don't want it
contaminating the integrity of our system. Public CAs must not
sign anything in our system.
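
The isolation described above can be illustrated with a trust store that holds only the organization's own CA. This is an added example, not Harbor's code and not part of the original page; it assumes the openssl command-line tool (1.1.0 or later for -no-CApath), and every CA name and subject in it is constructed.

```shell
#!/bin/sh
# Added example; every name and certificate here is constructed.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Minimal request config so each CA certificate carries CA:TRUE.
cat > "$WORK/req.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF

# make_ca PREFIX CN: create a self-signed CA certificate and key.
make_ca() {
    openssl req -x509 -config "$WORK/req.cnf" -newkey rsa:2048 -nodes \
        -days 1 -subj "/CN=$2" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue_leaf CA_PREFIX LEAF_PREFIX CN: sign a leaf certificate with that CA.
issue_leaf() {
    openssl req -new -config "$WORK/req.cnf" -newkey rsa:2048 -nodes \
        -subj "/CN=$3" -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/$2.csr" -CA "$WORK/$1.pem" \
        -CAkey "$WORK/$1.key" -CAcreateserial -days 1 \
        -out "$WORK/$2.pem" 2>/dev/null
}

# trusted_by CA_PREFIX LEAF_PREFIX: succeed only if the leaf chains to that
# one anchor. -no-CApath keeps the system's default CA directory out.
trusted_by() {
    openssl verify -no-CApath -CAfile "$WORK/$1.pem" "$WORK/$2.pem" \
        >/dev/null 2>&1
}

make_ca university "Example University CA"       # the natural trust body
make_ca general "Example General-Purpose CA"     # stand-in for a public CA
issue_leaf university graduate "Graduate A"
issue_leaf general outsider "Graduate A"         # same name, different issuer

for leaf in graduate outsider; do
    if trusted_by university "$leaf"; then echo "$leaf: accepted"
    else echo "$leaf: rejected"; fi
done
```

Both leaf certificates carry the same subject name; only the issuer decides whether the relying party accepts them.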
This we have addressed in the Harbor Desktop. The Harbor Desktop
always warns, and presents the user with natural trust body
certificates, showing signature or not. The Harbor Desktop allows
businesses to set up their own trust systems, and isolate themselves
from the hazards of browser technology.
This then raises the next issue: as a developer, not being a natural
trust body (actually in many cases one becomes that very quickly),
and knowing the end customers don't really trust anything a public
CA says anyway, what do you do?
The answer is nothing... if neither of the certificate schemes
works for you, it's OK, because the Harbor Desktop has X-ray vision.
Using the Guard, a user can watch exactly what software gets up to
on their system. What the Harbor Desktop also does is make the
actions of software on a system very transparent. Signed or not,
users of the software will very quickly determine if the software
is suspect or not. It means you may have to provide users with an
explanation as to why your software wants to access a
Windows/System/dll, but if it's legitimate, they will set the trust
flags on your software, signed or not.
- So, developers do not have to have software signed before it
will work in Harbor...
- Businesses can close the trust loop and avoid the dangers inherent
in browser systems...
- Web developers wishing to augment their secure site designs with
Harbor's rich clients can still use old-fashioned SSL.
Because software trust using the Desktop can be determined with
or without certificates, through the Guard, in general Harbor does
not sell identity certificates. They are not needed, and the business
auditing process would make them too expensive anyway.
Our interest is only in helping naturally occurring CAs
implement their systems.
Normally these companies make so much money from this process
that our time is not an issue anyway.
Not only is Harbor the most powerful application server on
earth, it's a safe, transparent platform, and through creative
design we have also tried to make it blatantly honest.