Educause Security Discussion mailing list archives
Re: SSL scaling
From: Jay Fowler <fowler () CSUFRESNO EDU>
Date: Wed, 15 Jun 2011 13:40:46 -0700
----- Original Message ----- From: "John Ladwig" <John.Ladwig () CSU MNSCU EDU> To: SECURITY () LISTSERV EDUCAUSE EDU Sent: Wednesday, June 15, 2011 12:33:28 PM Subject: Re: [SECURITY] SSL scaling InCommon seems to be operating as a reseller of Comodo certs, which implies that they may chain back to top-level CAs recognized by common browsers and operating systems. I disremember what Ipsca offers, in terms of broad recognition. It'd be a kindness if someone could refresh us on the need or absence of need to do local browser-cert installation to take advantage of these lower-cost services. With InCommon, you log into their web site, submit the CSR and they email links to the signed, intermediate and root certs. The turn around time has been on the order of a few minutes to a couple hours. The intermediate cert is from InCommon, issued by Comodo. The application needing a certificate will need to know about the intermediate and possibly the root CA cert, but client browsers and operating systems seem to already have the root CA. And because clients have the root CA, the end user is not being being prompted to install untrusted certs. Jay
Current thread:
- SSL scaling Michael A. Smith (Jun 15)
- Re: SSL scaling Julian Y Koh (Jun 15)
- Re: SSL scaling Jay Fowler (Jun 15)
- Re: SSL scaling Dexter Caldwell (Jun 15)
- Re: SSL scaling John Ladwig (Jun 15)
- Re: SSL scaling Flynn, Gary - flynngn (Jun 15)
- Re: SSL scaling Jay Fowler (Jun 15)
- Re: SSL scaling Frazier, William S [ITSYS] (Jun 15)
- Re: SSL scaling John Ladwig (Jun 15)
- Re: SSL scaling Frazier, William S [ITSYS] (Jun 15)
- Re: SSL scaling King, Ronald A. (Jun 15)
- Re: SSL scaling Jack Suess (Jun 15)
- Re: SSL scaling Hubert, Wesley R (Jun 16)
- Re: SSL scaling Michael Fertig (Jun 17)
- Re: SSL scaling Kevin Halgren (Jun 21)
- Re: SSL scaling Jack Suess (Jun 17)
- Re: SSL scaling Andy Hooper (Jun 20)
- Re: SSL scaling Michael Fertig (Jun 17)