RE: RSA vs. Versigin. How do I choose?

["Shivangi Nadkarni" <shivangi () safescrypt com>]

Hi,

Firstly, what kind of certs are you looking for? If you are looking for SSL
certs, then RSA does not offer the same - u have to choose from VeriSign,
Geotrust, etc.

However, if you are looking for client certs (certs issued to individuals,
for eg), then you need to make a choice between subscribing to a " managed
service" (which is what VeriSign offers) or setting up the entire CA
infrastructure in house (which is what RSA offers). Both options have its
pros and cons - but a general thumb rule is that if you are not looking at
smaller number of certs (like upto say 5000 numbers), it is far more cost
effective as well as hassle-free to go with the VeriSign option. It also
offers you a lot of flexibility, scalability and also interoperability with
most browsers and email programs.

Hope this helps!

rgds
Shivangi
shivangi () safescrypt com

> -----Original Message-----
> From: GUY MONTGOMERY [mailto:kamelmont () msn com]
> Sent: Tuesday, September 14, 2004 10:31 PM
> To: webappsec () securityfocus com; security-management () securityfocus com;
> security-basicis () securityfocus com
> Subject: RSA vs. Versigin. How do I choose?
>
>
> Good day,
> I am in the process of implementing a PKI system for my organization.  I
> would like to hear some thoughts and opinions on which CA I should use to
> obtain my certificates. Should I use Versign or RSA?  Are there any known
> pros and cons for each?  Any insight, information or links to
> resources that
> would help me gain a better understanding of my option would be greatly
> appreciated.
>
> Thanks and have a good day
>
>
> Guy Montgomery
> kamelmont () msn com
> 703.851.3295
> A Leader is one who Serves...