Re: commercial ssl certs and sslwrap
I don't know about the quality of the encryption, but if you ever want to use that SSL cert for the web or other services, if your cert isn't verified with them, a window will pop up for the users every time they access saying how it's insecure.
I was under the impression that the encryption isn't any better. It's still the same algorithm, just different key. But I'm no security expert.
--Harlan
On Sun, Jan 14, 2001 at 04:43:55PM -0800, Nate Amsden wrote:
> im curious if anyone has used a commercial
> ssl certificate from someone like verisign
> with sslwrap? ive read many places that
> in general self signed certs(and the tools
> that generate them) can have much poorer
> quality encryption(much has to do
> with the inability to get truely random
> data) then the commercial certs do.
>
>
> because im on the verge of deploying
> imap4+ssl and pop3+ssl i want the best
> level of encryption i can get with the ssl.
> cost really isn't much of an issue. and
> the mail servers themselves are dual
> p3-800s which should easily be able to
> handle the load of 5-10 concurrent
> connections(At the most).
>
> any experiences or ideas would be
> appreciated:) thanks!
>
> nate
> --
> :::
> ICQ: 75132336
> http://www.aphroland.org/
> http://www.linuxpowered.net/
> aphro@aphroland.org
--
Harlan Crystal E-mail: harlan@nyc.rr.com
AIM: 'Harlan Crystal' WWW: http://www.sdf1.cc
Reply to: