March 2001


Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Mike Austin <[log in to unmask]>
Reply To:
Departmental Technology Coordinators <[log in to unmask]>
Mon, 5 Mar 2001 10:45:15 -0500
TEXT/PLAIN (41 lines)
On Fri, 2 Mar 2001, Rohr, Rob wrote:

> Does the University have a Server Authentication Certificate from a
> trusted Certificate Authority (CA) for the purposes of web communication
> using SSL?

Yes, we have several.

> Does the University have the capability to generate new trusted
> Certificates for departmental use to allow for SSL communication on
> departmental servers?

We aren't a CA, so no, we can't generate new trusted certificates for
departmental use.

We in CIT use Equifax as our CA.  We get certificates for $68 each.

> Is there a policy on the generation and use of Certificates used in
> Public Key encryption schemes?

No policy as of yet.

> We would like to enable SSL on our web servers but require a trusted CA
> to issue our Server Authentication Certificate and would prefer not to
> have to spend money annually to Verisign, for instance, if UVM already
> has a trusted certificate and the ability to generate subordinate
> certificates from theirs.  Our alumni deserve as much privacy as our
> current students, faculty and staff.  We can generate keys and
> certificates willy nilly, but until our site has a trust link back to a
> CA, our certificates are worthless.

We already have several server certificates, but we aren't a CA, so we
can't sign your certificates.

How many certificates would you want to buy?  If purchased in bulk, we can
get a better deal than $68 each.

Let me know if you have any questions.