We have made a number of improvements to Strong Authentication with LDAP and the associated use of TLS in M-Vault in R14.6. We’ve also made some improvements to Sodium, in particular to support various combinations of TLS and different authentication options in addition to those previously available. The screenshots in this post show how this looks in operation.
(more)Sodium CA – New Product for R14.6
March 2nd, 2010Strong Authentication and Digital Signatures based on X.509 PKI are key capabilities of all the Isode server products. In R14.6 Isode is adding Sodium CA, an X.509 PKI Certificate Authority, so that these security capabilities can be managed without using a third party product. As the goal is management of Isode products and services based around Isode products, Sodium CA is included at no additional cost as part of the Isode management toolset.
(more)
M-Link Archive Server – new in R14.6
February 25th, 2010An Archive Server, for archiving 1:1 and multi-user chat conversations is being added to M-Link for R14.6. The M-Link archive server archives messages to files, organized by user and MUC room. Files are closed either when there is a gap in message flow or when the file reaches a configurable size.
(more)
Web Application Enhancement to support Password Changing (in R14.6)
February 24th, 2010Isode’s primary products are servers, and so focus has often been on the servers, security features, and associated management tools. We have been working on a set of Web Applications, oriented towards end users and unskilled administrators. As part of this work we’ve enhanced our web applications to enable password reset. Screenshots in this post illustrate how this works.
(more)
Removal of Plain Text Passwords on Disk (in R14.6)
February 23rd, 2010For security reasons it is undesirable to leave plain text passwords in files on disk. This is straightforward to avoid in client programs, as the program can prompt the user. Some programs hide passwords to save repeated user input. Isode client programs (e.g., Sodium and MConsole) do not do this, as it is a security risk. The approach Isode takes is to either prompt the user for the password, or to use an encrypted bind profile and prompt the user for the passphrase to decrypt this profile.
(more)
