Date: Fri, 27 Apr 2007 11:57:26 -0500 From: Paul Schmehl <pauls@utdallas.edu> To: freebsd-ports@freebsd.org Cc: ports@freebsd.org Subject: Re: certificate issuing for mail list users Message-ID: <FF63F468DE33A7816AD4F7A7@utd59514.utdallas.edu> In-Reply-To: <200704270952.45012.david@vizion2000.net> References: <200704270739.19254.david@vizion2000.net> <D5D034D6-5762-422E-B31C-E50032C0B453@mac.com> <200704270952.45012.david@vizion2000.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--==========BCE55AE8EB8F51CFB858========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On Friday, April 27, 2007 09:52:44 -0700 David Southwell=20 <david@vizion2000.net> wrote: > > I think I may not have been clear on this posting because you seem to be > misunderstanding my question. I have been very appreciative of the > responses I have received. > > I now moving on from that point and want to know if someone has built a > web interface that enables people to request certificates and supply > them so as to integrate certificate issuing into the total problem > solution. Yes. Verisign has. It sucks, although for the purpose for which you=20 intend to use it, it would suck less. I'm assuming you want to issue a single cert to each user, not separate=20 signing and encryption certs? Verisign has two ways that you can do that. You can use their servers, which requires that the administrators intervene = with each request for a cert. This is not burdensome if you're only going=20 to be issuing a few dozen certs. If you're going to be issuing hundreds,=20 you want to avoid this system. You can install your own, locally-hosted, certificate system. So long as=20 all you're doing is issuing certs, and you're not trying to intergrate with = Exchange, that system works fine. The Exchange integration is extremely=20 fragile and breaks in interesting ways that are difficult to troubleshoot. There may be other competitors now, but I am not aware of them. --=20 Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========BCE55AE8EB8F51CFB858==========--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FF63F468DE33A7816AD4F7A7>