Using Certificate Authorities

Because of increased needs for security, certificates are becoming very popular. If high security is required, as in a payroll or banking application, enterprises and independent software vendors can obtain a certificate from GTE, VeriSign, Inc., or another Certificate Authority (CA) for signing code that will be distributed publicly. For more information on obtaining and installing certificates see http://www.microsoft.com/security/services/partners.asp.

Only the Fitch & Mather Corporate Media Library Client (CMLC) cabinet (CAB) file needs to be signed for security purposes. It can be used without a security certificate, if desired. To distribute the CML component with no certificate to a user, the user's browser must have "Low" security in place to receive the CAB file that contains the component. If the component is signed, the user's browser should have the "Medium" security setting.

The user can make this security setting by clicking Internet Options on the View menu in Microsoft® Internet Explorer, and clicking the Security tab. The following screen shot illustrates the preferred setting for a signed component.