G
Guest
Guest
Archived from groups: microsoft.public.win2000.security (More info?)
Hello all!
I am trying to get my small brain around something that I have taken for
granted for a while. Certificates. I understand the general concepts with
the public/private key business, but there are some details that are causing
me problems. I know I am misunderstanding some things.
1. What's the point? If I am understanding correctly a Certificate
verifies the authenticity of the two entities involved in some sort of
transaction. Well that is great but what if one of the entities is a crook?
2. Can anyone be a CA? I know Verisign is a CA...is Microsoft? Can my mom
become a CA? I kind of trust her? If anyone can become a CA, then what is
the value of a Certificate?
3. We pay roughly $250 to Verisign for a SSL certificate. Could I have
gotten this Certificate from Microsoft instead? Would it cost me anything?
I far as I can tell some CA's charge for their certifcates and some
certifcates are free? Why? Is it based on the purpose of the certficate?
4. So in the MS documentation there is mention of an Enterprise
certification authority and a Stand-Alone certification authority. Are these
two terms Microsoft only terminology?
Thanks for your time on this.
Hello all!
I am trying to get my small brain around something that I have taken for
granted for a while. Certificates. I understand the general concepts with
the public/private key business, but there are some details that are causing
me problems. I know I am misunderstanding some things.
1. What's the point? If I am understanding correctly a Certificate
verifies the authenticity of the two entities involved in some sort of
transaction. Well that is great but what if one of the entities is a crook?
2. Can anyone be a CA? I know Verisign is a CA...is Microsoft? Can my mom
become a CA? I kind of trust her? If anyone can become a CA, then what is
the value of a Certificate?
3. We pay roughly $250 to Verisign for a SSL certificate. Could I have
gotten this Certificate from Microsoft instead? Would it cost me anything?
I far as I can tell some CA's charge for their certifcates and some
certifcates are free? Why? Is it based on the purpose of the certficate?
4. So in the MS documentation there is mention of an Enterprise
certification authority and a Stand-Alone certification authority. Are these
two terms Microsoft only terminology?
Thanks for your time on this.