Does Verisign Global Server ID requires Stronghold?

Does Verisign Global Server ID requires Stronghold?

am 30.07.2002 15:19:39 von Viljo Marrandi

Hello,

Before I wasn't subscribed to the list, so sorry if this comes twice.

We're making here one secure site and we ordered from Verisign their
Global Server ID and there in ordering form it says that these ID's are
available for platforms like C2Net Apache Stronghold, IBM, Netscape etc.
So do I really have to buy for $1000 USD Stronghold and $700 costing
RedHat or I can use this ID on free Apache/mod_ssl too?

I found out that Stronghold also bases on mod_ssl and I didn't find any
articles saying that these ID's don't work on free servers. Please
enlighten me on this.

Rgds,
Viljo



____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: Does Verisign Global Server ID requires Stronghold?

am 30.07.2002 15:29:24 von meint.post

----- Original Message -----
From: "Viljo Marrandi"
To:
Sent: Tuesday, July 30, 2002 3:19 PM
Subject: Does Verisign Global Server ID requires Stronghold?


> Hello,
>
> Before I wasn't subscribed to the list, so sorry if this comes twice.
>
> We're making here one secure site and we ordered from Verisign their
> Global Server ID and there in ordering form it says that these ID's are
> available for platforms like C2Net Apache Stronghold, IBM, Netscape etc.
> So do I really have to buy for $1000 USD Stronghold and $700 costing
> RedHat or I can use this ID on free Apache/mod_ssl too?
>
> I found out that Stronghold also bases on mod_ssl and I didn't find any
> articles saying that these ID's don't work on free servers. Please
> enlighten me on this.

Trust me, you can use these global server id's as well for plain old Apache
with mod_ssl, I've used them myself. Questions is whether you really want a
global server id? The only difference (besides price) between the two is
that the global server id let's your clients "step-up" to 128 bit encryption
IF the client is an older export-crippled browser (IE < 5.01, NS < 4.5). The
standard secure server id also can do 128 bit encryption if the client
browser is 128 bit native.

If your clients all use relatively modern browsers (IE > 5.0 and NN > 4.5)
than you don't need to spend the extra cash, your clients can use the secure
server id and have strong encryption.

hth

Meint

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org