|
Hello,
I'm looking for commentary/advice from OpenCA
administrators, particularly those in the academic sector. I have spent the
last few months working with OpenCA, with the goal of applying it to issue
end-user certs used for application authentication. The work has gone quite
well: offline CA, online RA with SCEP configured to do remote renewal
of keypairs/certs on PKCS#11 compatible SmartCards. In general, I think
OpenCA is a great piece of work.
I'm about to pitch this project to senior
management and I'd like to be able to mention other institutional
experience with OpenCA or PKI in general. I know it's not a
common way to manage authentication credentials in my sector in North
America, but it looks like it can be done at a reasonable cost and
acceptable security. I say only 'acceptable', because the desktops are,
in general, stand-alone Windows computers managed with varying degrees of
competency - key loggers and trojans are a concern.
What are in-house CAs being used for?
authentication, encryption? Any auditor issues? Are PKI services being targeted
to specific applications or used broadly? Comments on in-house vs.
commercial CA services?
Thanks for your time,
Mike
Mike Wiseman
Computing and Networking Services University of Toronto |
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
