Re: Seeking RFP text for server and messaging cert mgmt services

[Mike Wiseman <mike.wiseman () UTORONTO CA>]

Hi Larry,

I'd be interested in details of the problems you found with Comodo - before I pursue
pushing them a lot harder! Did the Oracle server support SSLv3? Also, what were the email
issues?

Thanks,

Mike

Mike Wiseman
Manager - Computer Security Administration
Computing and Networking Services
University of Toronto

----- Original Message -----
From: "Larry Jennings" <ljenning () UTK EDU>
To: <SECURITY () LISTSERV EDUCAUSE EDU>
Sent: Tuesday, June 15, 2004 12:47 PM
Subject: Re: [SECURITY] Seeking RFP text for server and messaging cert mgmt services


> Many of our certs are through Comodo (InstantSSL) as well but we have
> found that certain products won't work with their certs, Oracle App server
> being one.  I've also had problems using their email signing certificate
> where a Thawte provided one has worked effortlessly.  So we continue to
> use Thawte for those applications that don't work with InstantSSL.
>
> The price is definitely a strong point with InstantSSL.  But with that low
> price comes an occasional incompatibility problem.
>
>
> Larry
>
>
> Larry Jennings
> IT Manager, NT-Unix Systems Group
> University of Tennessee
> Voice:  (865)974-1619
> Email:  ljenning () utk edu
>
>
>
> Mike Wiseman <mike.wiseman () UTORONTO CA>
> Sent by: The EDUCAUSE Security Discussion Group Listserv
> <SECURITY () LISTSERV EDUCAUSE EDU>
> 06/15/2004 10:36 AM
> Please respond to
> The EDUCAUSE Security Discussion Group Listserv
> <SECURITY () LISTSERV EDUCAUSE EDU>
>
>
> To
> SECURITY () LISTSERV EDUCAUSE EDU
> cc
>
> Subject
> Re: [SECURITY] Seeking RFP text for server and messaging cert mgmt
> services
>
>
>
>
>
>
> Our cert needs started out similarly - SSL certs for administrative
> websites. The central
> IT group purchased Verisign certs up front and were provided with web
> management
> capability to verify the requestor and handle internal chargeback. I
> believe the cost of
> the certs discouraged most academic departments from offering https and so
> growth in their
> use was low. This past year after some investigation we moved to Comodo
> mainly because the
> server cert prices are much lower and now there is more interest in
> implementing https.
> The reasons for the big price difference seem to be nebulous - my guess is
> they have to do
> with maturity in the CA business as well as the chained cert technology.
>
> Mike
>
> Mike Wiseman
> Manager - Computer Security Administration
> Computing and Networking Services
> University of Toronto
>
> ----- Original Message -----
> From: "Bill Frazier" <frazier () IASTATE EDU>
> To: <SECURITY () LISTSERV EDUCAUSE EDU>
> Sent: Tuesday, June 15, 2004 8:58 AM
> Subject: Re: [SECURITY] Seeking RFP text for server and messaging cert
> mgmt services
>
>
> > When we got into the use of certs (mostly SSL, a very few
> > code-signing), I had trouble finding a cost effective vendor.
> > This was several years ago.  The actual number of certs needed
> > was unknown as people all over campus were just beginning to
> > realize that these things were useful.  At any rate, we
> > settled on the SPKI (Starter PKI) package from Thawte (since
> > purchased by Verisign but still operating as Thawte).  As it
> > stands now, I purchase what amount to cert tokens in advance.
> > Each of these can be used to purchase a particular kind of
> > cert.  AIT has the contract and we act as the aproving agent
> > (Security Officer).  Cert are issued to requestors (Technical
> > Officers).  The whole thing is web based and we control who
> > are on the list of tech officers.
> >
> > Bill
> >
> > __________________________________________________________________
> > On Mon, 14 Jun 2004 09:57:06 CDT, Gary Dobbins wrote:
> >
> > Has anyone constructed an RFP they can share related to external cert
> > mgmt services like the examples below?  (a couple of Verisign's and
> > Geotrust's offerings)
> >
> >
> > Managed PKI for SSL
> > http://www.verisign.com/products/onsite/ssl/index.html
> >
> > Enterprise SSL
> > http://www.geotrust.com/enterprise_security/enterprisessl.htm
> >
> >
> > True Credentials Express
> > http://www.geotrust.com/enterprise_security/truecredexp.htm
> >
> > Managed PKI for Trusted Messaging
> > http://www.verisign.com/products/trustedMessaging/index.html
> >
> > --
> >
> >    ------------------------------------------------------------
> >    Gary Dobbins, CISSP -- Director, Information Security
> >    University of Notre Dame, Office of Information Technologies
> >
> > **********
> > Participation and subscription information for this EDUCAUSE Discussion
> > Group d
> > iscussion list can be found at http://www.educause.edu/cg/.
> >
> >
> >
> >
> > __________________________________________________________________
> > Bill Frazier                                 frazier () iastate edu
> > Assistant Director/Software Support          voice: (515) 294-8620
> > Iowa State University                        fax:   (515) 294-1717
> > Academic Information Technologies, 291 Durham, Ames, Iowa 50011
> >
> > **********
> > Participation and subscription information for this EDUCAUSE Discussion
> Group discussion
> list can be found at http://www.educause.edu/cg/.
> >
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
> Group discussion list can be found at http://www.educause.edu/cg/.
>
>
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion Group discussion
list can be found at http://www.educause.edu/cg/.
>

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.