• Read user data — Read your calendar entries, contacts, or any other personal data
• Edit user data — Add personal data, such as entries to your address book.
You can define how you will be prompted to confirm Java application access to device functions. Select one of the following
values:
• Ask every time — Require the Java application to ask for your confirmation each time it uses the functionality.
• Ask first time — Require the Java application to ask for initial confirmation to use the functionality.
• Always allowed — Allow the Java application to use the functionality without your confirmation.
• Not allowed — Prevent the Java application from using the functionality.
The security settings help protect your device against harmful Java applications that may use the functions of your device without
your permission. Only select Always allowed if you know the supplier and trustworthiness of the application.
Certificate manager
Important: Even if the use of certificates makes the risks involved in remote connections and software installation
considerably smaller, they must be used correctly in order to benefit from increased security. The existence of a
certificate does not offer any protection by itself; the certificate manager must contain correct, authentic, or trusted
certificates for increased security to be available. Certificates have a restricted lifetime. If "Expired certificate" or
"Certificate not valid yet" is shown even if the certificate should be valid, check that the current date and time in your
device are correct.
Before changing any certificate settings, you must make sure that you really trust the owner of the certificate and that
the certificate really belongs to the listed owner.
Digital certificates are used to verify the origins of software but do not guarantee safety. There are three different types of
certificates: authority certificates, personal certificates, and server certificates. During a secure connection, a server may send a
server certificate to your device. Upon receipt, it is checked through an authority certificate stored on your device. You receive
notification if the identity of the server is not authentic or if you do not have the correct certificate in your device.
Download a certificate from a web site, or receive a certificate as an e-mail attachment, or as a message sent through a Bluetooth
or infrared connection. Certificates should be used when you connect to an online bank or a remote server to transfer confidential
information. They should also be used if you want to reduce the risk of viruses or other malicious software, and to check the
authenticity of software when you download and install software to your device.
Tip: When you add a new certificate, check its authenticity.
Manage personal certificates
Personal certificates are certificates that are issued to you.
To add certificates to your device, select a certificate file and Save. To remove a selected certificate, select Options > Delete.
To check the authenticity of a certificate, select a certificate and View details. Fingerprints uniquely identify a certificate. Contact
the help desk or customer service of the owner of the certificate, and ask to compare fingerprints. Six-digit private key store
passwords contain the secret keys that come with personal certificates.
Manage authority certificates
Authority certificates are used by some services to check the validity of other certificates.
To add certificates to your device, select a certificate file and Save. To remove a selected certificate, select Options > Delete.
To check the authenticity of a certificate, select a certificate and View details. Fingerprints uniquely identify a certificate. Contact
the help desk or customer service of the owner of the certificate, and ask to compare fingerprints. Six-digit private key store
passwords contain the secret keys that come with personal certificates.
Trusting a certificate means that you authorize it to verify web pages, e-mail servers, software packages, and other data. Only
trusted certificates can be used to verify services and software.
To change trust settings, select a certificate and Options > Trust settings. Select an application field and Yes or No. You cannot
change the trust settings of a personal certificate.
Depending on the certificate, a list of applications is displayed that can use the certificate:
• Symbian installation — New Symbian operating system application.
• Internet — E-mail and graphics.
• App. installation — New Java™ application.
• Online certif. check — Online certificate status protocol.
View certificate details
You can only be sure of the correct identity of a server when the signature and the period of validity of a server certificate have
been checked.
To view certificate details, select a certificate and View details.
T o o l s
© 2007 Nokia. All rights reserved. 87