Hi,
Firstly, what kind of certs are you looking for? If you are looking for SSL
certs, then RSA does not offer the same - u have to choose from VeriSign,
Geotrust, etc.
However, if you are looking for client certs (certs issued to individuals,
for eg), then you need to make a choice between subscribing to a " managed
service" (which is what VeriSign offers) or setting up the entire CA
infrastructure in house (which is what RSA offers). Both options have its
pros and cons - but a general thumb rule is that if you are not looking at
smaller number of certs (like upto say 5000 numbers), it is far more cost
effective as well as hassle-free to go with the VeriSign option. It also
offers you a lot of flexibility, scalability and also interoperability with
most browsers and email programs.
Hope this helps!
rgds
Shivangi
shivangi@safescrypt.com
-----Original Message-----
From: GUY MONTGOMERY [mailto:kamelmont@msn.com]
Sent: Tuesday, September 14, 2004 10:31 PM
To: webappsec@securityfocus.com; security-management@securityfocus.com;
security-basicis@securityfocus.com
Subject: RSA vs. Versigin. How do I choose?
Good day,
I am in the process of implementing a PKI system for my organization. I
would like to hear some thoughts and opinions on which CA I should use to
obtain my certificates. Should I use Versign or RSA? Are there any known
pros and cons for each? Any insight, information or links to
resources that
would help me gain a better understanding of my option would be greatly
appreciated.
Thanks and have a good day
Guy Montgomery
kamelmont@msn.com
703.851.3295
A Leader is one who Serves...
