ssl certificates for secure websites
Download
Skip this Video
Download Presentation
SSL Certificates for Secure Websites

Loading in 2 Seconds...

play fullscreen
1 / 11

SSL Certificates for Secure Websites - PowerPoint PPT Presentation


  • 401 Views
  • Uploaded on

SSL Certificates for Secure Websites Dan Roberts Kent Network Users Group Wednesday, 17 March 2004 Two Features of SSL Website Security Encrypted data channel for privacy SSL certificate for identity verification Is the organization who it claims to be? Is this a legitimate company?

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'SSL Certificates for Secure Websites' - Rita


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
ssl certificates for secure websites

SSL Certificatesfor Secure Websites

Dan Roberts

Kent Network Users Group

Wednesday, 17 March 2004

two features of ssl website security
Two Features of SSL Website Security
  • Encrypted data channel for privacy
  • SSL certificate for identity verification
    • Is the organization who it claims to be?
    • Is this a legitimate company?
website with ca signed ssl certificate
Website withCA-signed SSL Certificate

“I am wfs.kent.edu.. you can verify my identity with VeriSign.”

Through your browser’s pre-established trust relationship with VeriSign, you automatically trust anyone who presents one of their certificates.

website with self signed ssl certificate
Website withSelf-signed SSL Certificate

“I am webmail.kent.edu.. you can verify my identity with webmail.kent.edu”

Since there is no pre-existing trust relationship with webmail.kent.edu in your browser, a security alert message appears.

self signed ssl certificates
Self-signed SSL Certificates
  • Free and unlimited supply
  • Only trust relationship between users and server already exists
  • Use for:
    • Internal development
    • Intranet applications
self signed ssl certificates6
Self-signed SSL Certificates
  • Kent has its own self-signing Certification Authority (CA) at http://cert.kent.edu
    • Installed on growing number of campus PCs
  • Certificate signing requests can be submitted to Greg Dykes or Dan Roberts
ca signed ssl certificates
CA-signed SSL Certificates
  • Expensive (VeriSign $250-$400/cert per yr)
  • Useful when trust is not a given
    • Allows user to verify your identity
    • Eliminates warning message
  • Use for:
    • Public-facing web sites
    • Transactions involving commerce and/or exchange of personal information
alternative to verisign
Alternative to VeriSign
  • GeoTrust
    • Trusted root certification authority
    • Same pre-established trust as VeriSign
    • Managed PKI services with certificate request processing tools for supporting constituents
    • Less cost (less than $150/cert per year)
    • Quantity and multi-year discounts available
    • Website: http://www.geotrust.com
geotrust s ca certificate
GeoTrust’s CA certificate

GeoTrust’s CA certificate has 99.9% browser penetration, and appears in your computer’s Trusted Root Certification Authority container as “Equifax”

discussion
Discussion
  • University-wide opportunity to lower costs and centralize certificate management
    • Use self-signed certificates internally
    • Use alternate CA for public-facing sites
  • Concerns? Questions? Suggestions?
  • Interested in participating?
contact information
Contact Information

Dan Roberts

Administrative Computing Services

[email protected]

330-672-5373

ad