Re: what certificate to buy from Verisign ?



Hi Steven,
I'd like an X509 certificate to be used by both client and server. You
mentioned the server side can use a regular SSL certificate; can the client
also use a regular SSL certificate on the client side?

thanks,
-Jason

"Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:dlKkV7luFHA.768@xxxxxxxxxxxxxxxxxxxxxxxx
> Thanks for your response Jason,
>
> As for the webservice client, it all depends on your application's
> security authentication design. If your server doesn't use some
> authentication schema which requires client certificates (x509
> authentication based token authentication....) or the server doesn't
> require the client to use a certain certificate to identify the
> clientside, then the client app does not need to have its own certificate.
> This is just like when we use SSL without requiring a clientside
> certificate. Also, since you're using WSE, if you have used an x509
> certificate token to sign messages at both client/serverside, then the
> clientside also must have its own certificate.
>
> Thanks,
>
> Steven Cheng
> Microsoft Online Support
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>
>
> --------------------
> From: <jason.chen@xxxxxxxxxxxxxxxxx>
> Subject: Re: what certificate to buy from Verisign ?
> Date: Thu, 15 Sep 2005 10:19:53 -0400
> Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements
>
> Thanks Steven, I guess the server side can just purchase the normal
> webserver certificate. What about the client side who consumes the
> webservice? Should they also get a normal webserver certificate or
> something particular?
>
> many thanks,
> -jason
>
> "Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
> news:NRnDAzcuFHA.768@xxxxxxxxxxxxxxxxxxxxxxxx
> > Hi Jason,
> >
> > As for the certificate type you mentioned, for your scenario, since the
> > certificate is mainly used to identify your server application and build
> > a secure communication channel between client/server, I think a normal
> > web server certificate is enough. Of course, there must be some guys from
> > Verisign who will help you find the proper certificate for your
> > application.
> >
> > Thanks,
> >
> > Steven Cheng
> > Microsoft Online Support
> >
> > Get Secure! www.microsoft.com/security
> > (This posting is provided "AS IS", with no warranties, and confers no
> > rights.)
> >
> >
> > --------------------
> > From: <jason.chen@xxxxxxxxxxxxxxxxx>
> > Subject: what certificate to buy from Verisign ?
> > Date: Wed, 14 Sep 2005 12:52:04 -0400
> > Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements
> >
> > Hi, my company plans to use WSE2.0 sp3 to secure the webservice
> > communication between us and the client. Now we are looking at Verisign
> > on what exactly to buy, but the sales person at Verisign was not very
> > helpful, and MSDN didn't provide any information on what exact
> > certificate to buy from Verisign either; all it says is get a certificate
> > from a trusted CA, for example: Verisign.
> >
> > Could someone point out which product to buy from Verisign?
> >
> > Some information on what I found so far:
> >
> > 1. After searching around, it seems a lot of people are complaining that
> > Verisign sales have no idea what to buy to encrypt and sign web services.
> >
> > 2. Some people seem to have got regular SSL certificates working to
> > encrypt and sign web service requests, but will there be performance
> > issues? Is it recommended by Microsoft that an existing SSL certificate
> > can be used to encrypt and sign webservice requests?
> >
> > 3. Some people in various newsgroups are talking about using the Digital
> > ID product from Verisign to encrypt and sign webservice requests
> > (http://www.verisign.com/products-services/security-services/pki/pki-application/email-digital-id/index.html).
> > This is a product from Verisign to secure emails. Is it correct to use
> > Digital ID? This thing is much cheaper than regular SSL certificates,
> > only $19.99/Year.
> >
> > Please help, thanks a lot.
> >
> >
> >
>
>
>

