Re: Digital ID

From: Paul Adare (padare_at_newsguy.com)
Date: 10/25/05

• Next message: Nate Greenberg via WinServerKB.com: "Re: User Permissions Differ from Computer to Computer"
• Previous message: Joe Richards [MVP]: "Re: password expiration policy for admin and system accounts ?"
• Next in thread: Paul Adare: "Re: Digital ID"
• Maybe reply: Paul Adare: "Re: Digital ID"
• Maybe reply: Paul Adare: "Re: Digital ID"
• Maybe reply: Paul Adare: "Re: Digital ID"
• Reply: Alun Jones: "Re: Digital ID"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 25 Oct 2005 13:45:42 -0400

In article <9C896665-08B0-44F3-9930-0FAF7D281D5D@microsoft.com>, in the
microsoft.public.security news group, =?Utf-8?B?d2xpMmsy?= <wli2k2
@discussions.microsoft.com> says...

> VeriSign offers "Digital IDs for Secure Email." My question is if I setup
> my own Certificate Authority server, can I issue these "digital ids"?
>

Do you mean issue Verisign Digital IDs for Secure Email or issue your
own? If the former, then no, if the latter then yes, however, no one is
going to trust them. If you don't want to buy certificates from a vendor
such as Verisign then you'll need to subordinate your issuing CA to a
commercial root, such as Verisign.
How many certificates are you talking about here?

-- 
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern 
computer geeks finds it impossible to detect a joke that is not clearly 
labeled as such."
Ray Shea

---

• Next message: Nate Greenberg via WinServerKB.com: "Re: User Permissions Differ from Computer to Computer"
• Previous message: Joe Richards [MVP]: "Re: password expiration policy for admin and system accounts ?"
• Next in thread: Paul Adare: "Re: Digital ID"
• Maybe reply: Paul Adare: "Re: Digital ID"
• Maybe reply: Paul Adare: "Re: Digital ID"
• Maybe reply: Paul Adare: "Re: Digital ID"
• Reply: Alun Jones: "Re: Digital ID"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: GPG and Signing ... native S/MIME support into their MUA's, ... I don't believe they own VeriSign. ... Also like other companies, they generally don't support ... for trusted certificates and CA's. ... (Debian-User) Re: Public Key on Enterprise CA ... 2000 or Windows Server 2003 Enterprise CA. ... I see that Verisign will sell ... > digital certificates for about $15 per user. ... > savings by managing your own subordinate CA with Verisign as the root CA ... (microsoft.public.win2000.security) Re: PGP and S/MIME ... > Netscape etc. include the VeriSign root certificate with their browser ... > because VeriSign gave them a large amount of money. ... > first to ship a browser which pops up a dialogue box every time the user ... to remove their certificates due to serious security concerns. ... (sci.crypt) SSL Mayhem ... Also if Verisign sent you a real big key looking thing ... this is a TMP Key then 9/10 your key will save as a .cer ... >click OK you should now be in the Certificates MMC. ... >of your SSL Server and get it on Tape or Boin it! ... (microsoft.public.inetserver.iis.security) Re: [Full-Disclosure] PGP vs. certificate from Verisign ... PGP vs. certificate from Verisign ... > that IE had no way of checking the revocation status, ... "The certificates could be used to sign programs, ActiveX controls, Office ... current Certificate Revocation List (CRL). ... (Full-Disclosure)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.security  > 2005-10