University Certificate CA

John Stauffacher stauffacher at chapman.edu
Mon May 19 22:43:25 GMT 2003


All,

In researching the feasibility of assigning personal digital certificates
to every staff/faculty member I came across and interesting idea. Most
companies want some nominal charge for issuing certificates that are
inherently trusted (Verisign wanted on the order of $20k for 250
certificates), what struck me as odd about this is the amount of work to
assign these is minimal, why the high price tag? Because they can. So my
idea is this:
	Get a group of universities together to form a sort of Univeristy
CA. For a time until our numbers grow; a little bit of user intervention
will be involved in accepting the signing CA as trusted, and initially let
it be a free service - maybe down the road as administrative costs jump we
could charge a nominal fee (I'm thinking on the order of 2$ to 3$ per
cert). Not attach this entity to any one university (infact I am surprised
EduCause hasn't tackled this yet, they do our domain registration, why not
do some PKI for us too). It just seems to me that companies like verisign
and thawte are making a killing off of stuff that should be free.
	The push from this campus comes from people wanting to do secure
document exchange and secure signing of documents, and I can see where
this is going to be another "big thing". A lot of software coming down the
pipe is supporting the use of digital signatures (AOL's new version of AIM
supports digital signatures for encryption). So this is just a thought, if
anyone wants to help start this up, I am all ears.

-John Stauffacher


++
John Stauffacher
Network Administrator
Chapman University
stauffacher at chapman.edu
714.628.7249

"If the only tool you've got is an axe, every problem looks like fun!"

"it's a lot harder to ask permission than forgiveness."

"Success is something I will dress for when I get there, and not until."

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3729 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20030519/2c0129db/smime-0006.bin


More information about the unisog mailing list