[1802] in WWW Security List Archive
Re: Intranet: *Internal* Certifying Authority?
daemon@ATHENA.MIT.EDU (Mark Vandenwauver)
Wed Apr 10 06:02:56 1996
Date: Wed, 10 Apr 1996 09:51:57 +0200
To: Jamey Maze <jnm@ornl.gov>
From: Mark Vandenwauver <Mark.Vandenwauver@esat.kuleuven.ac.be>
Cc: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
>I was thinking of asking this same question after seeing that the lastest
>Netscape beta, "Atlas PR1", now supports client-side certificates and
>multiple certificate authorities. I believe for this to work, you need a
>server that supports client-side authentication. Netscape's Enterprise
>Server 2.0, which appears to replace Commerce Server, will do this. I'm
>sure other vendors are working on comparable products as well.
>
>I tried to look into what products would support this a couple years ago. I
>only found 2 solutions, one being a $15,000 "CIS" box from RSA and another
>being the freeware from TIS, TIS-PEM. I didn't really like either. About a
>year ago, RSA announced a PC-based software-only CIS product, but I don't
>know if they ever released it. I've also been hearing a lot about Entrust,
>but don't know if it meets this need.
>
>I too would like to be able to setup a local Certificate Authority (CA).
>This CA would be for internal-use only and so, at least at first, I'd
>prefer to not have to purchase any CA services from an outside vendor.
>(Would be a nice option for the future when there will be enough external
>activity to justify the cost.) I'd like for my local CA to interoperate
>with Netscape Navigator's "Obtain New Certificate" option (Security
>Preferences, Personal Certificates).
>
>If anyone has some good advice in this area, I'd appreciate hearing...
>
>Thanks!
>
There is a company here in Belgium called Uti-maco who has an X.509 CA product.
(on a Windows PC)
They have a distributor inside the US to so if you want to know more about this
just send me an e-mail and I will forward your questions.
Mark
