Lesson 8	Public and private CAs
Objective	Describe the difference between public and private CAs.

Public | Private CAs (What is difference)

You can choose from two different types of CAs to sign your certificates: public and private. VeriSign is the primary example of a public CA. However, you have the opportunity to use your own certificate server. Microsoft Certificate Server and Netscape Certificate Server are just two examples of in-house options.

Public Certificate Server

Using a public certificate server
Benefits	Drawbacks
You can demonstrate your identity to the public. You generally receive insurance coverage when you purchase a digital certificate. A public digital certificate purchased from a reputable CA instantly increases public trust.	You have to trust the security used by these CAs. Purchasing a certificate is costly.

Private Certificate Server

Using a private certificate server
Benefits	Drawbacks
Quick start-up: You can create your own key and get up and running right away. Relatively low cost: Because IIS 4.0 and Certificate Server, for example, are free, you can create your own trust system for no extracost. You have local control over trust issues; you only have to worry about your own server being compromised.	The chief drawback is that only users in your local intranet will trust your certificate. This will remain the case unless you become part of alarger trust system.

Public and private digital certificates are both useful. A public digital certificate is ideal for an e-commerce setting. A private digital certificate is useful for an intranet setting.
In the next lesson, you will learn more about certificate issues.