----- Original Message ----- From: "Viljo Marrandi" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 30, 2002 3:19 PM Subject: Does Verisign Global Server ID requires Stronghold?
> Hello, > > Before I wasn't subscribed to the list, so sorry if this comes twice. > > We're making here one secure site and we ordered from Verisign their > Global Server ID and there in ordering form it says that these ID's are > available for platforms like C2Net Apache Stronghold, IBM, Netscape etc. > So do I really have to buy for $1000 USD Stronghold and $700 costing > RedHat or I can use this ID on free Apache/mod_ssl too? > > I found out that Stronghold also bases on mod_ssl and I didn't find any > articles saying that these ID's don't work on free servers. Please > enlighten me on this. Trust me, you can use these global server id's as well for plain old Apache with mod_ssl, I've used them myself. Questions is whether you really want a global server id? The only difference (besides price) between the two is that the global server id let's your clients "step-up" to 128 bit encryption IF the client is an older export-crippled browser (IE < 5.01, NS < 4.5). The standard secure server id also can do 128 bit encryption if the client browser is 128 bit native. If your clients all use relatively modern browsers (IE > 5.0 and NN > 4.5) than you don't need to spend the extra cash, your clients can use the secure server id and have strong encryption. hth Meint ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
