Subversion Repositories oidplus

<!DOCTYPE html>

<html lang="en">

<head>

        <title>Procedural documentation related to privacy</title>

</head>

<body>

        <style>

        h2 {

                font-size:large !important;

        }

        h3 {

                font-size:medium !important;

        }

        </style>

        <h1>Procedural documentation related to privacy</h1>

        <p><em>Revision: 14 March 2020</em></p>

        <p><strong><em>Important</em></strong><em>: This document is written by ViaThinkSoft (the developer of the software &ldquo;OIDplus&rdquo;) and gives general information how OIDplus works regarding privacy related topics. Since OIDplus is a web-software that can be downloaded, installed and operated by anyone on their own server systems, this document DOES NOT describe how the owners/administrators of this particular installation of OIDplus are handling your data. Therefore, the owner of this system should provide an additional/individual privacy statement.</em></p>

        <h2><strong><u>Parties / Terminology</u></strong></h2>

        <p><strong>ViaThinkSoft</strong> is the developer of the program &ldquo;OIDplus&rdquo;. OIDplus is a system that organizations (or workgroups, single developers etc.) can download and install on their own web servers. The code and the database is located on the server of that organization, hereinafter referred to as <strong>system owner</strong>. The system administrator (<strong>system admin</strong>) is a person in that organization who manages and maintains the OIDplus software. The system admin is usually also the same person who manages the web server&rsquo;s hardware/software.</p>

        <p><strong>OIDplus</strong> is a system to manage and publish information about Object Identifiers (OIDs) and their <strong>Registration Authorities</strong> (hereinafter referred to as <strong>RA</strong>, or <strong>owner of an</strong> <strong>OID</strong>). Some of the information can be marked as hidden/confidential, which means the information is only visible to privileged users (e.g. the system admin) and not to the public.</p>

        <p><strong>Object Identifiers</strong> are organized in a hierarchical structure where RAs are delegating OIDs underneath the OIDs they are managing, to other RAs. In the context of a specific RA and OID, the &ldquo;<strong>Superior RA</strong>&rdquo; is the RA that has delegated the root OID of a specific RA. However, the statements about &ldquo;Superior RAs&rdquo; in this document do only apply if the Superior RA is using OIDplus to delegate the OID.</p>

        <h2><strong><u>Definition of sever-side and client-side</u></strong></h2>

        <p>OIDplus is a web application written in the programming languages PHP (running on server-side) and HTML/JavaScript (running on client-side).</p>

        <h3><u>Server side</u></h3>

        <p>The PHP scripts of OIDplus are processed through a PHP script interpreter running on top of a web server software (&ldquo;HTTP web server daemon&rdquo;), for example &ldquo;Apache&rdquo;. The actual data of OIDplus (OIDs, RAs, &hellip;) is stored in a DBMS (Database Management Software) e.g. &ldquo;MySQL&rdquo;. The DBMS is usually installed on the same server machine where PHP/Apache is installed, but it can be installed on any machine by the server administrator.</p>

        <h3><u>Client side</u></h3>

        <p>While the user browses OIDplus, the server-side serves HTML and JavaScript contents to the client computer. Using a web browser software (like &ldquo;Chrome&rdquo; or &ldquo;Firefox&rdquo;), these contents are processed and displayed on the screen. Various JavaScript scripts are either required to run OIDplus or are improving the user experience, e.g. by reloading OID descriptions without reloading the whole page while the user browses OIDplus. There might be a few external JavaScripts included (Polyfill and ReCaptcha), which are described at the end of the document.</p>

        <h2><strong><u>Scope of this document</u></strong></h2>

        <p>This document contains information about the OIDplus software only. It is independent from the behavior of the client-side software (web browser, Operating system, firewalls, &hellip;), independent from the behavior of hardware (network routers or firewalls, &hellip;), independent from the behavior of the server-side software (Apache, PHP, MySQL, Operating system, &hellip;) and the practices how the system administrator is operating the server software, stores log files, manages firewalls etc.</p>

        <h2><strong><u>OID information</u></strong></h2>

        <p>The main purpose of OIDplus is to show and manage information of OID information.</p>

        <p>Some attributes of Object Identifiers (like ASN.1 identifiers) can only be changed by the Superior RA and not by the RA of that OID. On the other hand, some other information (like the title and description) can only be changed by the RA owning the OID and not by the Superior RA. The system admin can edit all information.</p>

        <h3><em>Hidden OID information</em></h3>

        <p>A superior RA can set the &ldquo;hidden&rdquo; flag to an OID they delegate. This means the OID and all its subsequent OIDs are invisible to the public. However, the public can see the existence of hidden OIDs by a notice &ldquo;<em>XX OIDs are hidden. Log in to see them</em>&rdquo;.</p>

        <p>The system admin can see all OIDs, even if they are hidden.</p>

        <p>An owner of an OID can see all OIDs in the OID tree chain that are directing to his root OID, even if some of them are hidden.</p>

        <p>If you are an <strong>owner of an OID</strong> and want to make your OID hidden from the public, please contact your <strong>superior RA</strong> (preferential) or the <strong>system admin</strong> and ask them to mark your OID as hidden. Please note that this will also hide all OIDs that you delegate to yourself or other RAs.</p>

        <h3><em>Overview: Managed information about OIDs:</em></h3>

        <table border="1">

        <tbody>

        <tr>

        <td width="111">

        <p><strong>Attribute:</strong></p>

        </td>

        <td width="196">

        <p><strong>Can only be changed by:</strong></p>

        </td>

        <td width="154">

        <p><strong>If not marked &ldquo;hidden&ldquo;, visible to:</strong></p>

        </td>

        <td width="154">

        <p><strong>If marked &ldquo;hidden&ldquo;, visible to:</strong></p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Numeric Identifier</p>

        </td>

        <td width="196">

        <p>Superior RA<br /> System admin<br /> (can only be defined during creation and never be updated!)</p>

        </td>

        <td width="154">

        <p>Public<br /> RA<br /> Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Superior RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Alphanumeric identifier (for ASN.1 notation)</p>

        </td>

        <td width="196">

        <p>Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> RA<br /> Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Superior RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Unicode label</p>

        <p>(for IRI notation)</p>

        </td>

        <td width="196">

        <p>Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> RA<br /> Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Superior RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>RA</p>

        </td>

        <td width="196">

        <p>Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> RA<br /> Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Superior RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Comment</p>

        </td>

        <td width="196">

        <p>Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> RA<br /> Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Superior RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>&ldquo;Hidden&rdquo; flag</p>

        </td>

        <td width="196">

        <p>Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> RA<br /> Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Superior RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Title</p>

        </td>

        <td width="196">

        <p>RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> RA<br /> Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Superior RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Description</p>

        </td>

        <td width="196">

        <p>RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> RA<br /> Superior RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Superior RA<br /> System admin</p>

        </td>

        </tr>

        </tbody>

        </table>

        <h2><strong><u>RA information</u></strong></h2>

        <p>The information about RAs owning OIDs can be seen publicly. A RA can manage their contact data in the OIDplus system (log in area) and mark their information as &ldquo;private&rdquo; to limit the information visible to the public.</p>

        <p>Following RA information are always displayed (even if marked &ldquo;private&rdquo;):</p>

        <h3><em>Overview: Managed information about RAs:</em></h3>

        <table border="1">

        <tbody>

        <tr>

        <td width="111">

        <p><strong>Attribute:</strong></p>

        </td>

        <td width="196">

        <p><strong>Can only be changed by:</strong></p>

        </td>

        <td width="154">

        <p><strong>If not marked &ldquo;private&ldquo;, visible to:</strong></p>

        </td>

        <td width="154">

        <p><strong>If marked &ldquo;private&ldquo;, visible to:</strong></p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Email-Address</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Name</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Organization</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Office</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Personal name</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Privacy flag</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>RA</p>

        <p>System admin</p>

        </td>

        <td width="154">

        <p>RA</p>

        <p>System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Street</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>RA</p>

        <p>System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>ZIP/Town</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>RA</p>

        <p>System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Country</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>RA</p>

        <p>System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Phone</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>RA</p>

        <p>System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Mobile</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>RA</p>

        <p>System admin</p>

        </td>

        </tr>

        <tr>

        <td width="111">

        <p>Fax</p>

        </td>

        <td width="196">

        <p>RA</p>

        </td>

        <td width="154">

        <p>Public<br /> Superior RA<br /> RA<br /> System admin</p>

        </td>

        <td width="154">

        <p>RA</p>

        <p>System admin</p>

        </td>

        </tr>

        </tbody>

        </table>

        <h2><strong><u>Invitation of RAs</u></strong></h2>

        <p>When an OID is created by a RA or by the system admin, the owner of the OID will be defined by an email address (which will be shown publicly). Therefore, it is possible to own an OID, even if you are not registered in the OIDplus system.</p>

        <p>When the OID is created and the RA with such an email address does not exists, the creator will be asked if they want to send an invitation. If they agree, an email will be sent to this email address, allowing them to click a link to register to the OIDplus system, so that they can add more contact data as well as be able to delegate and edit OID information.</p>

        <p>Currently, a RA cannot register themselves. They need an invitation by the system admin or their superior RA to be able to register to the OIDplus system. (Note: To re-send an invitation, the system admin or superior RA needs to click &ldquo;Update&rdquo; at the OID delegation table, so that they are asked again to send the invitation).</p>

        <p>In addition to the invitation system, the system administrator can create RA accounts without email address verification.</p>

        <h2><strong><u>Publishing RAs/OIDs to oid-info.com</u></strong></h2>

        <p>oid-info.com is a web page which collects and displays information about OIDs, like a Wiki. OIDplus contains features to submit data of its own database to oid-info.com</p>

        <p>There are two possibilities:</p>

        <ol>

        <li>Manual transfer: The system admin can create an XML file that contains OID and RA information (only the parts which can be seen by the public anyway) and can upload this XML file to oid-info.com</li>

        <li>If the OIDplus system is registered to ViaThinkSoft and the OID-info.com transfer is enabled (see below), ViaThinkSoft will automatically fetch the XML data from the OIDplus system using an encrypted interface and submits the data to the oid-info.com administrator.</li>

        </ol>

        <h2><strong><u>Unique system ID</u></strong></h2>

        <p>During initial setup, a public/private-key-pair will be created which can be used for various purposes, e.g. to encrypt data between OIDplus and ViaThinkSoft if the &ldquo;system registration&rdquo; service is used (see below) or to sign OID-over-WHOIS responses.</p>

        <p>From this public key, a unique system ID will be derivated. The unique system ID and the public key can be seen in the setup screen.</p>

        <h2><strong><u>System registration and automatic publishing to oid-info.com</u></strong></h2>

        <p>During initial setup, the system admin can choose between following options:</p>

        <p>0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Register to directory service and automatically publish RA/OID data at oid-info.com<br /> 1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Only register to directory service<br /> 2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Hide system</p>

        <p>This setting can always be changed in the administrator login / control panel.</p>

        <h3><em><u>Registering the system to the directory service (option 0 and 1)</u></em></h3>

        <p>The registration of your OIDplus system has various advantages:</p>

        <ul>

        <li>The public key of your system will be published, so that users can check the integrity of your data (e.g. signed OID-over-WHOIS requests).</li>

        <li>Since the 31-bit System ID can have hash conflicts, ViaThinkSoft will make sure that the System ID is only used by your system (it will force other OIDplus systems with the same system ID to change their IDs).</li>

        <li>ViaThinkSoft can acknowledge the system name, admin email and OID root arcs. Therefore, your system can be found using referral WHOIS.</li>

        <li>You can optionally enable the automatic publishing of your public OID information to the repository oid-info.com.</li>

        <li>Your OIDplus version will be reported to ViaThinkSoft. If a severe bug or security vulnerability is affecting your system, ViaThinkSoft can warn you via email.</li>

        <li>The directory service will automatically create a X.509 security certificate for you (NOT a SSL certificate!) which can be used for various verifications.</li>

        </ul>

        <p>If privacy level option 0 or 1 was chosen, the OIDplus system will regularly contact the ViaThinkSoft server through a secure connection and send following information:</p>

        <ul>

        <li>Privacy level (0, 1 or 2)</li>

        <li>System ID</li>

        <li>Public Key</li>

        <li>Current URL</li>

        <li>Administrator email address</li>

        <li>System title</li>

        <li>List of OID roots that this system is sending</li>

        <li>Version of your system (SVN revision)</li>

        <li>Installation type (ZIPed SVN snapshot or SVN working copy)</li>

        </ul>

        <p>ViaThinkSoft will store this data internally and publish parts into the public directory service located at <a href="https://oidplus.viathinksoft.com/oidplus/?goto=oid%3A1.3.6.1.4.1.37476.30.9">https://oidplus.viathinksoft.com/oidplus/?goto=oid%3A1.3.6.1.4.1.37476.30.9</a> :</p>

        <p>The public record contains:</p>

        <ul>

        <li>System ID</li>

        <li>Public key</li>

        <li>Current URL</li>

        </ul>

        <p>The other information will stay on the ViaThinkSoft internal database and will not be shared with other parties.</p>

        <p>If the system admin enabled this option and want to revoke the permission, the system admin has to change the privacy level in the administrator login / control panel. The system will automatically contact the ViaThinkSoft server again and performs a deletion of all data.</p>

        <p>Please note that the deletion of the record in the directory service does not delete OID/RA information which is already submitted at oid-info.com (if option 0 was chosen). To delete this data, the system admin needs to contact the OID Repository Webmaster at <a href="mailto:admin@oid-info.com">admin@oid-info.com</a></p>

        <h3><em><u>Publish RA/OID data at oid-info.com (option 0)</u></em></h3>

        <p>If privacy level option 0 is chosen, the system regularly contacts the ViaThinkSoft server through a secure connection and sends the public RA/OID data. ViaThinkSoft will store this data and redirect it to the OID Repository Webmaster who will review the data and eventually submit it to the public repository www.oid-info.com</p>

        <p>If the system admin enabled this option and want to revoke the permission, the system admin has to change the privacy level in the administrator login / control panel to option 1 or 2 (to avoid that data is sent again). To remove already submitted OIDs, the system admin needs to contact the OID Repository Webmaster at <a href="mailto:admin@oid-info.com">admin@oid-info.com</a></p>

        <h3><em><u>Hide system (option 2)</u></em></h3>

        <p>If privacy level option 2 was chosen, the system will neither contact ViaThinkSoft, nor oid-info.com.</p>

        <h2><strong><u>Log files</u></strong></h2>

        <h3><em><u>Logs by OIDplus</u></em></h3>

        <p>OIDplus manages log entries for specific events like logins, OID/RA modifications, creating and deletion of OIDs, etc.</p>

        <p>These log messages are stored in the DBMS only.</p>

        <p>All log events are visible to the system admin.</p>

        <p>Some events are visible to the RA and/or the Superior RA.</p>

        <p>Log events may show the IP addresses of the computer that was connected to the OIDplus system and the email address if the RA was logged in using their credentials.</p>

        <p>OIDplus does not provide a function to delete log events. A deletion must be done in the database directly, e.g. using a database client like phpMyAdmin.</p>

        <h3><em><u>Logs by host software, firewalls etc.</u></em></h3>

        <p>Beside logs created by OIDplus, other client- or server-side software involved in processing the web requests (like the Apache web server, the PHP script interpreter, the MySQL database server, the Operating System, the web browser or various firewalls) might log traffic and queries in various ways. These logs are independent of OIDplus and need to be managed by the system administrator and/or network administrators.</p>

        <p>If you are concerned about the contents of the log files, please contact the system administrator.</p>

        <h2><strong><u>Cookies</u></strong></h2>

        <p>OIDplus does only use cookies for the following purposes:</p>

        <table border="1">

        <tbody>

        <tr>

        <td width="122">

        <p><strong>Cookie</strong></p>

        </td>

        <td width="114">

        <p><strong>Category</strong></p>

        </td>

        <td width="139">

        <p><strong>Usage</strong></p>

        </td>

        <td width="118">

        <p><strong>Will be created:</strong></p>

        </td>

        <td width="126">

        <p><strong>Will be deleted:</strong></p>

        </td>

        </tr>

        <tr>

        <td width="122">

        <p>Login-Cookie</p>

        </td>

        <td width="114">

        <p>Essential</p>

        </td>

        <td width="139">

        <p>Contains a session key that is used to determine the user&rsquo;s log-in-state and the permissions.</p>

        </td>

        <td width="118">

        <p>During login of a user or admin using their password.</p>

        </td>

        <td width="126">

        <p>When the user is logged out, and/or the browser session closed.</p>

        </td>

        </tr>

        <tr>

        <td width="122">

        <p>SSL-Detect-Cookie</p>

        </td>

        <td width="114">

        <p>Essential</p>

        </td>

        <td width="139">

        <p>If the option &ldquo;automatic SSL detection&rdquo; is enabled by the system admin, this cookie will check if the SSL port is open, to allow an automatic redirection of HTTP to HTTPS.</p>

        </td>

        <td width="118">

        <p>During the first page visit</p>

        </td>

        <td width="126">

        <p>When the browser session is closed.</p>

        </td>

        </tr>

        </tbody>

        </table>

        <h2><strong><u>External JavaScripts</u></strong></h2>

        <p>During the loading of the web page, various JavaScripts are included to improve the user experience and add essential functionalities. The basic scripts are the JavaScript files of OIDplus itself, which are stored on the server of the particular OIDplus installation.</p>

        <p>There are two JavaScripts which are loaded from an external source/server:</p>

        <h3><em><u>Polyfill (only if Internet Explorer is used)</u></em></h3>

        <p>To make OIDplus compatible the web browser &ldquo;Internet Explorer&rdquo;, OIDplus will include a JavaScript script from &ldquo;polyfill.io&rdquo; which is a service by Financial Times.</p>

        <p>Please see their <a href="https://polyfill.io/v3/privacy-policy/">Privacy Policy</a> and <a href="https://polyfill.io/v3/terms/">terms of service</a> for more information.</p>

        <p>The polyfill JavaScript is only included if OIDplus detects that the web browser is Internet Explorer.</p>

        <p>To disable the Polyfill feature, the system administrator needs to delete the following line in the source code file &ldquo;oidplus.js&rdquo; in the folder of the OIDplus installation.</p>

        <p><code>oidplus_loadScript('https://polyfill.io/v3/polyfill.min.js?features=fetch%2CURL');</code></p>

        <p>The deletion of this line on server-side and/or the blocking of the JavaScript on client-side will result in the page not working on &ldquo;Internet Explorer&rdquo; web browser.</p>

        <h3><em><u>ReCAPTCHA (only if &ldquo;ReCAPTCHA&rdquo; is enabled)</u></em></h3>

        <p>To protect sensitive functions of OIDplus (e.g. the login form) from hackers, the system administrator can enable &ldquo;ReCAPTCHA&rdquo; which is a service of Google. Before enabling ReCAPTCHA in the OIDplus setup/settings, the system administrator has to request an API key from Google. The usage of ReCAPTCHA will probably introduce additional cookies which are out of the control of OIDplus.</p>

        <p>Please see <a href="https://policies.google.com/privacy">Google&rsquo;s Privacy Policy</a> and <a href="https://policies.google.com/terms">terms of service</a> for more information.</p>

        <p>If the system administrator has not enabled the ReCAPTCHA feature, no external script will be included at all.</p>

        <p>If the feature is enabled, blocking the ReCAPTCHA JavaScript on client-side will result in various functionalities (like the login form) not working.</p>

        <h2><strong><u>Additional security / access controls</u></strong></h2>

        <p>System administrators can choose other methods to disable access from the public, e.g. by using firewalls (so that clients cannot access the server at all) or by setting up a password protection at the level of the web server software (e.g. &ldquo;Basic Auth&rdquo; on Apache) on web-server level (so that the clients cannot access the directory where OIDplus is installed in).</p>

        <h2><strong><u>Encrypted network connections</u></strong></h2>

        <p>The server administrator is responsible for securing the network connections using &ldquo;HTTPS&rdquo;. This is done at web server level (i.e. an Apache module/setting) and independent from OIDplus.</p>

</body>

</html>