Policies and Standards
Digital Certificates Standard
The CIO/UTSB has adopted standards for SSL Server Security Certificates at USF.
Definition: SSL (Secure Sockets Layer) is a communications layer which enables applications secure, authenticated sessions. SSL creates an encrypted transmission channel between a browser client and a server through PKI (Public Key Interchange) and session keys. PKI keys (certificates) must be obtained from a certificate authority (CA) in order to be mathematically correct and recognized. The two major CA's are Verisign and GeoTrust. GeoTrust was bought out by Verisign but GeoTrust certificates are still sold and are less expensive. SSL is also referred to as Transport Layer Security (TLS) which is the IETF (Internet Engineering Task Force) name for essentially the same structure.
Vendor: Through USF's partnership with InCommon, SSL certs are free to the USF community for use on servers with usf.edu domain names.
- Verisign - The Verisign certificate is a more comprehensive product which works with more browsers. It is therefore more expensive.
- GeoTrust - Geotrust (now owned by Verisign) is a lower priced certificate which works with the major browsers.
Rational for Selecting: Verisign and GeoTrust are the most recognized CA's and offer products which can provide economy and functionality. These two CA's are utilized in the majority of existing applications. Use of other certificates might lead to additional support complications.