Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SSL with Outlook

Posted on 2006-10-25
6
Medium Priority
?
387 Views
Last Modified: 2008-03-17
Experts.
What is the difference between SelfSSL and purchasing an SSL certificate from Verisign.  I am not hosting a website and am only interested in securing OWA.  Thanks.
0
Comment
Question by:hckynt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 240 total points
ID: 17803507
Technically, absolutely nothing.  The SSL cipher strength and security of your applications are identical.
It's all a matter of trust.
Big companies will use Verisign, as it's internationally recognised as a trusted authority that can issue certificates.
Small companies/home users can get away with self-signing SSL certificates, especially if there's only one IT administrator in the company.  Just make sure you keep the keys in a safe place.
0
 

Author Comment

by:hckynt
ID: 17803556
Thanks for thre quick response.  Please correct me if I am wrong but SelfSSL is free and Verisgin is like $1,000.00?  So I am paying the grand for "image and impression"?

Thanks!
0
 
LVL 18

Accepted Solution

by:
PowerIT earned 260 total points
ID: 17804627
No no, not for "image and impression'. The difference is that Verisign is an internationally trusted authority, which means that their root certificates are already added by default to the trusted certificates in your webbrowser. So when signing your website with a Verisign certificate it is automatically accepted by the browser. Which is very important for large scale sites which use a lot of https, but indeed not for your OWA.

J.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:hckynt
ID: 17804719
Thanks guys!  Great information.  Bottom line I guess, is with OWA only SelfSSl is the way to go.  Whern hosting a high traffice commerce website, verisigin is the way to go.  One more question.  Verisigin says I can add certificates for each user to encrypt their mail messages.  The cost I bwlieve is $20.00/yr.  Will adding these casue any problems if I implement the SelfSSL?  Thanks!!!!!
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 17805944
No those won't create a problem. They are not used for SSL, but for encrypting the messega itself or for signing it (if that's what's in the certificate key usage).
Typically when encrypting mail the transmitter encrypts with the public key of the receiver, who then decrypts with his own private key.
When signing a mail, the  transmitter encrypts a hash ot the message with his own private key. Then the receiver decrypts the hash with his public key and compares it with a hash which he calculated himself. This is also used in non-repudiation schemes.
Of course, email client software must make this as transparent as possible for the user. You have to add that individual certificate to the client software.

J.
0
 

Author Comment

by:hckynt
ID: 17805986
Thank you all!
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question