Educause Security Discussion mailing list archives
Re: SSL Certificates
From: Charlie Prothero <Charlie.Prothero () KEYSTONE EDU>
Date: Wed, 18 Mar 2009 09:09:32 -0400
We have been using IPSCA certs at Keystone College for years. They deliver certs via E-Mail, and their check is that you're listed as the technical or admin contact for your domain. I'm the admin contact, and our network admin is our tech contact, so either one of us can get a cert from IPSCA. By comparison, other CA's that we had dealt with were expensive and a hassle to work with (i.e. faxing or mailing documents around to prove who you are). IPSCA usually delivers a cert within a few hours of the request. As others have noted, IPSCA is in the trusted list on nearly everyone's browser. If anyone is still running a browser old enough not to have it, they're probably going to have other problems. Also, note that getting onto MS and Mozilla trusted CA lists requires passing an intensive audit. If they pass that standard, I'm pretty confident that they meet ours. Re: free the first two years, we have never tried to "renew" an expiring cert. IPSCA's system allows you to request a new cert for the same server name - so if you have one that's expiring, you can just go through the normal request process to get a new one. Once you get a cert, they send you a verification HTML page and an icon to display on your site to show that you're using IPSCA. I think that giving them a little PR is a small price to pay for the value we get from them, so we have posted them on our sites. Please feel free to visit the sites below to see how the IPSCA certs work: Mail server (Exchange OWA): http://samurai05.keystone.edu/ Student information system (net.data on an AS/400): https://kcconnect.keystone.edu/cgi-bin/login.mbr/login Cheers! - Charlie Charlie Prothero CIO Keystone College One College Green . La Plume, PA 18440 570-945-8015
Attachment:
smime.p7s
Description:
Current thread:
- SSL Certificates Mclaughlin, Kevin (mclaugkl) (Mar 17)
- <Possible follow-ups>
- Re: SSL Certificates Rowe, Ken (Mar 17)
- Re: SSL Certificates Jeff Giacobbe (Mar 17)
- Re: SSL Certificates Consolvo, Corbett D (Mar 17)
- Re: SSL Certificates John Ladwig (Mar 17)
- Re: SSL Certificates Gary Flynn (Mar 18)
- Re: SSL Certificates Brian Epstein (Mar 18)
- Re: SSL Certificates Ryan Fox (Mar 18)
- Re: SSL Certificates Charlie Prothero (Mar 18)
- Re: SSL Certificates Eric Torgersen (Mar 18)
- Re: SSL Certificates Doug Hoffman (Mar 18)
- Re: SSL Certificates Steven Tardy (Mar 18)
- Re: SSL Certificates Cal Frye (Mar 19)