Question:

What is the difference between:

by | earlier

What is the difference between a certificate authority that you create and a commercial certificate authority like VeriSign for Windows server 2003, and What is the difference between a symmetric key and an asymmetric key for Windows server 2003 too? many thanks

Tags:

Report

Answer The Question I've Same Question Too

Follow Question

1 ANSWERS

Sort By: Date | Rating

Starting with your first question: What is the difference between a commercial CA and your own CA?

Basically not very much.  They both perform essentially the same function, ie: issue certificates.  One difference of course is a matter of trust.  VeriSign is a well known and well respected CA.  When a secure website shows you their certificate and it says "I'm www.abc.com", you can be pretty sure that they are who they say they are.  Whereas with creating your own CA, because your level of trust isn't known, one cannot be completely confident that the certificate is indeed legit.  How could it not be legit?  If the computer that generates certificates (a Win2k3 server for example) were to be compromised, a hacker could write all the certificates he/she wants.  So basically your certificates are only as good as the security protecting the CA is.  The only other difference is cost.  I haven't looked recently, but getting a VeriSign signed cert. can be very expensive and is sometimes not necessary.  If your implementing PKI for user and computer authentication then I would recommend setting up your own CA.  If however, you wanted to startup an e-commerce site.  Then you'd probably want to assure your customers by getting a VeriSign cert.

Question 2; Difference between symmetric/asymmetric key:

Essentially a symmetric key is something like a password.  If I encrypt a file and send it to you, I'd need to provide the key also.  Because the same key both encrypts and decrypts it is called symmetric.  On the other hand an asymmetric key would be like using public/private keys.  For example, I could use your public key to encrypt a file.  You would then use your private key to decrypt the file.  It that situation the key the encrypts is different than the one that decrypts.  Therefore, the public key is distributed freely; whereas, the private key is highly guarded.  By the way, if you haven't already guessed asymmetric keys are superior to sym. ones.  Symmetric keys are highly susceptible to "man-in-the-middle" type attacks.

Sorry the answer is so long.  Hopefully, it isn't too convoluted.
Report (0) (0) |   earlier