Blackberry 8520 User Guide - Page 258
Smart cards, Reject certificate revocation lists from unverified CRL servers
UPC - 807360859213
View all Blackberry 8520 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 258 highlights
User Guide Security 3. Click Key Stores. 4. Change the Certificate Status Expires After field. 5. Press the Menu key. 6. Click Save. Your BlackBerry® device downloads a new revocation status automatically when your device uses a key store item with a status that is older than the time limit that you set. Reject certificate revocation lists from unverified CRL servers 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options. 3. Click Key Stores. 4. Change the Accept Unverified CRLs field to No. 5. Press the Menu key. 6. Click Save. Your BlackBerry® device rejects certificate revocation lists from CRL servers that the BlackBerry® MDS Connection Service cannot verify. Smart cards About using a smart card with your device Smart cards store certificates and private keys. You can use a smart card reader to import certificates from a smart card to the key store on your BlackBerry® device, but you cannot import private keys. As a result, private key operations such as signing and decryption use the smart card, and public key operations such as verification and encryption use the public certificates on your device. If you use a smart card certificate to authenticate to your device, after you connect your smart card reader to your device, your device requests authentication from the smart card each time that you unlock your device. If the S/MIME Support Package for BlackBerry® devices is installed on your device, you can use smart card certificates to send S/MIMEprotected messages. About two-factor authentication Two-factor authentication, which requires an item that you have (for example, a smart card) and an item that you know (for example, a pass phrase), is designed to provide additional security for your BlackBerry® device. You can use a smart card for two-factor authentication when you log in to your device, or you can use a software token for two-factor authentication when you log in to a VPN, connect to a Wi-Fi® network, or use your device with RSA® software as a hardware token. If you use two-factor authentication, you must type your pass phrase when you • unlock your device 256