Hi,
I have an internal web server running NT 4.0 and IIS behind a firewall which needs to be made available to my users who travel frequently.My idea was to go in for SSL encryption for the web site.We had decided on client certificate being mappedto the NT username for the user so that we could uniquely identify him/her.
the problems we face are:
1)I have to manually create the mapping between the client certificate and the NT user account.
2)When a user imports a certificate to his/her browser ,then later on,there is no login popup window.So the risk is when a sales guy tries doing this from a cyber cafe,our internal network becomes vulnerable.
Does anybody have exposure on these technologies.Pls. respond.
Thanks,
Sowmy