Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Who sells the least expensive SSL certs right now?



When I generate my own CA for my company (or the company's IT people
generate a private CA for the company), it's reasonable to trust that CA.
Or, if you want to nitpick, trusting that CA is likely a necessary
precondition for accessing the company's internal IT resources and is
therefore a necessary precondition for doing your your job.

As for StartSSL, a quick google search turns up some disturbing issues with
it. Their reaction to the Heartbleed problem earlier this year is
particularly worrisome:

A quote from Mozilla's bugzilla issue tracker:
https://bugzilla.mozilla.org/show_bug.cgi?id=994033

The business model for this free tier is based on profiting from security
> breaches. StartSSL lures in users with free certificates without making it
> clear that there is a revocation fee. During a crisis when users of these
> certificates are most vulnerable, they attempt to extort money with this
> fee. Many people are using the free certificates because they can't or
> won't pay fees like this. Certificates signed by StartSSL are no longer
> trustworthy, because the people who own the certificates can not revoke
> them even if they want to without paying an unexpected fee.


On Mon, Dec 22, 2014 at 6:53 AM, Edward Ned Harvey (blu) <blu at nedharvey.com>
wrote:

> > From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> > bounces+blu=nedharvey.com at blu.org] On Behalf Of Jack Coats
> >
> > I haven't been following this thread, but is cacert.org certs wide
> > spread enough without users having to add certs (import)?
>
> No, but startssl is.
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>



-- 
John Abreau / Executive Director, Boston Linux & Unix
Email: abreauj at gmail.com / WWW http://www.abreau.net / PGP-Key-ID 0x920063C6
PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23  C2D0 E885 E17C 9200 63C6



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org