Re: PKI Trust chain
From: Splatter (me_at_me.net)
Date: 08/05/03
- Next message: Walter Roberson: "Re: Wireless Internet Access and Corporate LAN connectivity"
- Previous message: Conny: "Tripwire versions?"
- In reply to: Gregf: "PKI Trust chain"
- Next in thread: Gregf: "Re: PKI Trust chain"
- Reply: Gregf: "Re: PKI Trust chain"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 5 Aug 2003 13:06:02 -0400
"Gregf" <dontspame@nospam.com> wrote in message
news:eYQXa.25755$vx3.7156522@kent.svc.tds.net...
> I am interested in implementing Win 2K certificate services. If I have
> Verisign (or similar) issue the root certificate for the root server, does
> that give me any avantage in verifying trust when communicating with
> external users? Or does it become irrelevant since we still have to
> exchange public keys?
Please elaborate, I'm not sure as opposed to what? I will guess and assume
you meant over a home rolled CA?
Getting your CA root cert from Verisign has an advantage over a self signed
root certificate because verisign ships as trusted in most OS, and browser
cert lists. If you use a home rolled root cert, users will have to install
your root certificate as a trusted party adding a step your users will have
to perform before they can use your service. If this is for a small number
of users, or a company intranet then obviously there is less of an impact,
but for a large sight with users outside the companies office, there would
be setup issues you would have to deal with.
Hope that was what you where asking
DP
- Next message: Walter Roberson: "Re: Wireless Internet Access and Corporate LAN connectivity"
- Previous message: Conny: "Tripwire versions?"
- In reply to: Gregf: "PKI Trust chain"
- Next in thread: Gregf: "Re: PKI Trust chain"
- Reply: Gregf: "Re: PKI Trust chain"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
