Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Free SSL certs for .edu by company included in browser lists

From: Steve Lovaas <steven.lovaas () COLOSTATE EDU>
Date: Fri, 17 Nov 2006 10:07:42 -0700
This behavior would actually limit the risk of using wildcard certs, if
(as it seems) you would need to have a single wildcard for each
department to get around this. That way the distribution is within a
department, and the expiration/revocation would affect only that department.

Steve Lovaas
Colorado State University



Dick Jacobson wrote:


Against my wishes, we purchased a wildcard for one of our institutions
(*.<inst>.edu) about a month ago.  I was informed two days ago that it
does not play well with all the browsers (I think it was the recently
upgraded Outlook).

Everything at the third level of naming (www.<inst>.edu) will work but
anything above that (www.<dept>.<inst>.edu) fails.



--
==============================================================
Steven Lovaas, MSIA, CISSP
Network & Security Resource Manager
Academic Computing & Network Services
Colorado State University
970-297-3707
Steven.Lovaas () ColoState EDU
==============================================================
Previous By Date Next
Previous By Thread Next

Current thread: