Educause Security Discussion mailing list archives
Re: Seeking RFP text for server and messaging cert mgmt services
From: Bill Kyle <bill.kyle () JHU EDU>
Date: Mon, 14 Jun 2004 13:07:37 -0400
Gary, I do not have a RFP. However, a couple of years ago I went through the process of locating a vendor to meet our needs here at Johns Hopkins. After all of the research into the different offerings from the vendors that had products that met our needs (128 bit certificates) I chose GeoTrust. The first order was for a block of 100 certificates with a one year life (from time of issue). We supplied GeoTrust with a list of all of the domains belonging to us. They do what they call pre-vetted domains... all domains that we have registered with them will have an order accepted and put on hold for our approval. We are then notified via electronic mail of the outstanding order. We then log into GeoTrust to approve or reject the order. The nice thing is the GeoTrust has a SOAP interface that will allow you to create an internal web site that can totally automate the process and the user can have a certificate issued as fast as SMTP can get it through the ques. It only took us around ten months to use the first block of certificates. We then purchased a block of 100 certificates good for two years (at an additional cost savings). We are now on our third block of certificates. We have found GeoTrust very easy to work with in meeting our needs. Adding a new domain to our list of pre-vetted domains consist of faxing a letter to their "Rapid Response Unit" (they require a signature for audit). They have produced certificates for us with Subject Alternate Names for our mail servers. These certificates with the Subject Alternate Names require manual intervention by GeoTrust and do cost more. They are evaluating the market for these certificates and looking at automating the process which will drop the cost. Over all we are more than pleased with GeoTrust as a supplier of SSL certificates for us here at Johns Hopkins. Our sales person is Jen White (781) 263-4134. Jen will be able to put you in contact with the correct person if she is not the correct person. I believe the more people we have in the educational field using GeoTrust the larger discount we might get from them on their products. And, right now our cost is so much less that the other vendors we consider the certificates "disposable" for test systems that will not need them for the full period. On Monday 14 June 2004 10:57 am, Gary Dobbins wrote:
Has anyone constructed an RFP they can share related to external cert mgmt services like the examples below? (a couple of Verisign's and Geotrust's offerings) Managed PKI for SSL http://www.verisign.com/products/onsite/ssl/index.html Enterprise SSL http://www.geotrust.com/enterprise_security/enterprisessl.htm True Credentials Express http://www.geotrust.com/enterprise_security/truecredexp.htm Managed PKI for Trusted Messaging http://www.verisign.com/products/trustedMessaging/index.html -- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
-- Best wishes, Bill Kyle Sr. Systems Software Architect 410.516.3364 Johns Hopkins Network Security Johns Hopkins University and Medical Institutions -- From: "Spam Catcher" <spam-catcher () adept org> To: spam-catcher () adept org Don't send email to the address listed here or you will be added to a blacklist! It is a TRAP for address harvesters. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Seeking RFP text for server and messaging cert mgmt services Gary Dobbins (Jun 14)
- <Possible follow-ups>
- Re: Seeking RFP text for server and messaging cert mgmt services Bill Kyle (Jun 14)
- Re: Seeking RFP text for server and messaging cert mgmt services Elliot Metsger (Jun 14)
- Re: Seeking RFP text for server and messaging cert mgmt services Elliot Metsger (Jun 15)
- Re: Seeking RFP text for server and messaging cert mgmt services Bill Frazier (Jun 15)
- Re: Seeking RFP text for server and messaging cert mgmt services Mike Wiseman (Jun 15)
- Re: Seeking RFP text for server and messaging cert mgmt services Jere Retzer (Jun 15)
- Re: Seeking RFP text for server and messaging cert mgmt services Larry Jennings (Jun 15)
- Re: Seeking RFP text for server and messaging cert mgmt services Mike Wiseman (Jun 15)
- Re: Seeking RFP text for server and messaging cert mgmt services Gary Dobbins (Jun 15)
- Re: Seeking RFP text for server and messaging cert mgmt services Jere Retzer (Jun 15)
- Re: Seeking RFP text for server and messaging cert mgmt services Larry Jennings (Jun 15)
(Thread continues...)