Considering that she's about to have you waste over $350 of taxpayer money I think any citizen of California should be concerned.
________________________________________ From: Joe Heaton [jhea...@etp.ca.gov] Sent: Tuesday, July 21, 2009 9:21 AM To: MS-Exchange Admin Issues Subject: RE: OWA / SSL question ME, I've tried educating. But since she's the one paying the bill, if she wants to pay $400, instead of $30, who am I to argue? And I originally intended the "high-profile name", versus what I actually said. That's why I brought up the soda analogy. Man, my head is fuzzy today. Joe Heaton Employment Training Panel -----Original Message----- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Tuesday, July 21, 2009 9:14 AM To: MS-Exchange Admin Issues Subject: Re: OWA / SSL question Verisign is not an industry standard. The cert's themselves are standards. Verisign is just a high-profile name. Think of them as the Cadillac of certificate providers if you will. Are they high performance? Not really. Full of bloat and over-priced? Yep. But when the cert is only meant for you to get from A to B, does it matter about the appearance or prestige of the name/appearance? Nope. Unless you have a high-visibility web site, there is absolutely no reason to use certs from Verisign. There is no added prestige factor to using Verisign certs with OWA. None of your users care. And you and your manager shouldn't either. A cert is a cert. Its ease of use only depends on if its publicly known and trusted: Issues/published by a well-known certificate authority. Some user education is in order for your manager. You should be able to educate and convince them of these things. -- ME2 On Tue, Jul 21, 2009 at 11:45 AM, Joe Heaton<jhea...@etp.ca.gov> wrote: > I know about GoDaddy, and recommend it every time any of our 4 SSL certs > come up for renewal. But the manager wants to stay with the "industry > standard" Verisign. I'm the kind of guy that buys the Shasta colas, or the > Sam's colas, because it's pretty much the same thing at half the price. > > > > I have also looked at generating our own cert, which really makes sense for > this purpose, as it's only internal users that will be accessing OWA. What > could they face from home, if I use a homemade cert? Are there browser > issues, with certain browsers not liking homemade certs? > > > > Joe Heaton > > Employment Training Panel > > > > From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] > Sent: Tuesday, July 21, 2009 8:42 AM > To: MS-Exchange Admin Issues > Subject: RE: OWA / SSL question > > > > If your cert expires, users will have to either configure their browsers to > allow them to go the site, or click through warning/error messages to get > there. > > I would believe depending on your mobile phone setup those users will have > similar problems. > > Have you looked into generating your own internal certificate? > > > > CHEAP: I got 3 year SSL Cert for OWA from GoDaddy.com for $67.47 > > > > > > ________________________________ > > From: Joe Heaton [mailto:jhea...@etp.ca.gov] > Sent: Tuesday, July 21, 2009 11:27 AM > To: MS-Exchange Admin Issues > Subject: OWA / SSL question > > Guys, > > > > Due to the budget issues here in California, my agency is down to the wire > with renewing our SSL cert for Exchange. I've already told my manager that > we can easily go with one of the cheaper alternatives, and have the same > security, but she's really wanting to stick with Verisign. Due to this, our > SSL cert may end up expiring. I've told her that the impact would be that I > would have to turn off OWA. In addition, wouldn't our phones be affected? > We're using Activesync on our Windows Mobile devices, and requiring the SSL > connection. Would we be able to make a secure SSL connection without the > cert? I'm thinking this is possibly a stupid question, but my brain is > really fuzzy this morning. > > > > Joe Heaton > > AISA > > Employment Training Panel > > 1100 J Street, 4th Floor > > Sacramento, CA 95814 > > (916) 327-5276 > > jhea...@etp.ca.gov > >
