Educause Security Discussion mailing list archives

Re: Seeking RFP text for server and messaging cert mgmt services


From: Bill Kyle <bill.kyle () JHU EDU>
Date: Mon, 14 Jun 2004 13:07:37 -0400

Gary,

I do not have an RFP. However, a couple of years ago I went through the process 
of locating a vendor to meet our needs here at Johns Hopkins.

After all of the research into the different offerings from the vendors that 
had products that met our needs (128 bit certificates) I chose GeoTrust. The 
first order was for a block of 100 certificates with a one year life (from 
time of issue). We supplied GeoTrust with a list of all of the domains 
belonging to us. They do what they call pre-vetted domains... all domains 
that we have registered with them will have an order accepted and put on hold 
for our approval. We are then notified via electronic mail of the outstanding 
order. We then log into GeoTrust to approve or reject the order. The nice 
thing is that GeoTrust has a SOAP interface that will allow you to create an 
internal web site that can totally automate the process and the user can have 
a certificate issued as fast as SMTP can get it through the queues.

It only took us around ten months to use the first block of certificates. We 
then purchased a block of 100 certificates good for two years (at an 
additional cost savings). We are now on our third block of certificates.

We have found GeoTrust very easy to work with in meeting our needs. Adding a 
new domain to our list of pre-vetted domains consists of faxing a letter to 
their "Rapid Response Unit" (they require a signature for audit). They have 
produced certificates for us with Subject Alternate Names for our mail 
servers. These certificates with the Subject Alternate Names require manual 
intervention by GeoTrust and do cost more. They are evaluating the market for 
these certificates and looking at automating the process which will drop the 
cost.

Overall we are more than pleased with GeoTrust as a supplier of SSL 
certificates for us here at Johns Hopkins. Our sales person is Jen White 
(781) 263-4134. Jen will be able to put you in contact with the correct 
person if she is not the correct person. I believe the more people we have in 
the educational field using GeoTrust the larger discount we might get from 
them on their products. And, right now our cost is so much less than the 
other vendors that we consider the certificates "disposable" for test systems that 
will not need them for the full period.

On Monday 14 June 2004 10:57 am, Gary Dobbins wrote:
Has anyone constructed an RFP they can share related to external cert
mgmt services like the examples below?  (a couple of Verisign's and
Geotrust's offerings)


Managed PKI for SSL
http://www.verisign.com/products/onsite/ssl/index.html

Enterprise SSL
http://www.geotrust.com/enterprise_security/enterprisessl.htm


True Credentials Express
http://www.geotrust.com/enterprise_security/truecredexp.htm

Managed PKI for Trusted Messaging
http://www.verisign.com/products/trustedMessaging/index.html

--

   ------------------------------------------------------------
   Gary Dobbins, CISSP -- Director, Information Security
   University of Notre Dame, Office of Information Technologies

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

-- 
Best wishes,
Bill Kyle
Sr. Systems Software Architect
410.516.3364
Johns Hopkins Network Security
Johns Hopkins University and Medical Institutions
