Security Basics mailing list archives

Re: SSL Server IDs

From: Nicholas Diotte <xphox () xphox net>
Date: 19 Nov 2003 19:58:04 -0000

In-Reply-To: <BAY5-F294OxAA8lCaHp00014078 () hotmail com>

I'm sorry, I should have mentioned.  This will be used for internal servers, ranging from our Trouble Ticket System, 
KVM IP Switches, to our IIS/Apache servers.  However we are a Financial Institution, which leads me to believe self 
sign certs may not be an options.  That is why I need to learn as much as possible regarding SSL certificates.  In the 
past for my personal use, I've always used self signed, however are their drawbacks... etc..

Thanks,
--Nick


<snip>
How big is your company?  If it's small and most of the usage is internal, then self-sign using a certificate authority 
and then trust the certificate authority through their browsers.  But if you have many external customers, then it'll 
increase their confidence in your sites if you use Verisign, whether they are secure or not.  My 2 cents.
</snip>


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

SSL Server IDs Nicholas Diotte (Nov 18)
- RE: SSL Server IDs Bruce Davis (Nov 21)
- <Possible follow-ups>
- Re: SSL Server IDs ty kirk (Nov 19)
  - RE: SSL Server IDs Glenn Pearl (Nov 20)
    - Re: SSL Server IDs Steve (Nov 20)
    - Re: SSL Server IDs Anders Reed-Mohn (Nov 24)
    - Re: SSL Server IDs Todd (Nov 25)
    - Re: SSL Server IDs Jimi Thompson (Nov 25)
    - RE: SSL Server IDs dave kleiman (Nov 21)
- Re: SSL Server IDs Nicholas Diotte (Nov 20)