Re: WEBVPN login page Cerrtificate Error

From: pankaj ahuja (networksecurityconsultant@gmail.com)
Date: Tue Sep 25 2007 - 10:14:10 ART

• Next message: Gary Duncanson: "Re: Tunnel Config"
• Previous message: Gregory Gombas: "Can PIM BSR filter Candidate RP announcements?"
• Maybe in reply to: pankaj ahuja: "WEBVPN login page Cerrtificate Error"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Personally I would say that it'll be more convenient to buy a certificate
rather than issuing one of your own, coz you do not have to distribute the
certificate to the end users.

Increased Security - well the end users would now be contacting 2 locations
i.e. the VPN Server to establish the VPN and the CA to verify the
Certificate. This may not necessarily mean increased Security unless I'm
missing something.

On 9/22/07, Martin Kiefer <martin@kiefer.dk> wrote:
>
> >
> > Best practice is to buy a security certificate, you site will be more
> > secure.
> >
> >
>
>
> Can you please explain, why you think the site will be more secure with a
> certificate that the browser knows vs a certificate that you have issued
> yourself?
>
> AES 256 is AES 256 no matter who issued the certificate.
>
> You can get a certificate for more or less than 100 USD. But that does not
> make your site more secure...
>
> /Martin

• Next message: Gary Duncanson: "Re: Tunnel Config"
• Previous message: Gregory Gombas: "Can PIM BSR filter Candidate RP announcements?"
• Maybe in reply to: pankaj ahuja: "WEBVPN login page Cerrtificate Error"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:15 ART