|
| Product |
| JFile |
| Version |
| 1.x |
| Title |
| VeriSign Code Signing IDs for Netscape Expire on 12/31/99 |
| Problem |
VeriSign Code Signing IDs for Netscape Object Signing currently
work with Netscape version 4.0x browsers. However, the Root CA
embedded in Netscape Navigator 4.01 to 4.05 is set to expire on
12/31/99. Users of these browsers will not be able to
successfully download applications signed with Netscape Object
Signing IDs, and will encounter a dialog box stating "SmartUpdate
failed; JAR archive failed security check. Issuer certificate is
invalid."
Research indicates that less than 4 percent of all browser users
will be affected.
The situation does not affect Microsoft Internet Explorer
browsers.
|
| Solution |
Encourage Netscape users to upgrade to Netscape 4.7.
- Link your users to http://home.netscape.com/computing/download/, where they can download Netscape 4.7 for free. For users with slower Internet connections, Netscape Communicator 4.7 is available on CD for $4.95: see http://cd.netscape.com/4.7/.
- Post upgrading tools on your site. For sites secured by VeriSign Code Signing IDs for Netscape Object Signing, VeriSign and Netscape have created a number of tools for Web masters to help users of affected Netscape browser versions upgrade by December 31, 1999. These tools are quick and easy to
implement, and are already in use at a number of leading financial and e-commerce sites. VeriSign and Netscape strongly encourage you to put one or more of the following tools on your Web site:
- THE BROWSER SECURITY UPGRADE TOOL: This simple JavaScript
automatically checks the security status of your visitors'
browsers. If an affected Netscape browser is detected, the tool
opens a new browser window and offers upgrade instructions to help
browser users download the newest version of Netscape's
browser (4.7).
Go to
http://www.verisign.com/server/cus/rootcert/codesigning.html,
where you'll find the link to download the Browser Security
Upgrade tool to run on your site.
- BROWSER UPGRADE BUTTON: This tool is similar to the Browser
Security Upgrade Tool. However, this version does not
automatically open a new browser window. Instead, it produces an
"Upgrade Your Browser" button if, and only if, it detects an
affected Netscape browser. The tool and instructions for
installing the Browser Upgrade Button are included with the
Browser Security Upgrade tool at
http://www.verisign.com/server/cus/rootcert/codesigning.html
- For users who don't upgrade, here is a sample message you may wish to post on your site after December 31, 1999: "Did you encounter a message
stating 'Smart Update failed: Jar archive failed security check.
Issuer certificate is invalid.' when you tried to download our
application? If you are using a Netscape browser, version 4.01 to
4.05, you will not be able to download this application
successfully. You must first upgrade your browser."
If after reviewing the information linked to above, you have specific questions about root CA certificate rollover, e-mail CA-rollover@verisign.com, or call Verisign Customer Service at 650-429-3400.
|
| Created : 12/1/2002 12:00:00 AM (last modified : 8/22/2002 11:26:34 AM) |
|
