• United States

How we did it

Aug 09, 20041 min

How we tested CoreStreet RTC.

We used an HP Proliant ML330 server with a 2.8-GHz Xeon processor and 1G byte of memory running Windows Server 2003 Enterprise Edition as our Validation Authority server. We used a Linux machine, running Fedora Core 1 inside VMWare, as the OpenSSL-based Certificate Authority, with OpenLDAP for certificate distribution, and Apache 2.0.49 for our Certificate Revocation List distribution and as the test SSL Web server.

To test the vendor’s claim that the RTC Responder was lightweight, we used a late model Toshiba notebook with a 700 MHz processor running Windows XP. Separate Red Hat Fedora Core 1 and Windows XP clients were used for the test browsers (Mozilla and Internet Explorer.) For our testing we used the Microsoft SQL server bundled with the CoreStreet product for its internal certificate storage.

We configured an Apache Web Server to use SSL, and several clients (IE on Windows XP, Mozilla on Red Hat Fedora Core 1, and OpenSSL) to access the Web server. We used OpenSSL and OpenLDAP to set up a certificate infrastructure consisting of a single root certificate and a total of 10,000 user certificates. We revoked some of the certificates and configured others to expire.

Back to review: “CoreStreet scales digital certificates”

Rodney Thayer is a private network security consultant in Mountain View, California. His practice includes exploit analysis, architecting secure networks, and cryptography. His background is in the development and deployment of network security devices, having participated in the development of various implementations of IPsec, SSL (TLS), and digital certificate systems. He has also worked in the area of security network management. He can be reached at

More from this author