[Discuss] Who sells the least expensive SSL certs right now?
Richard Pieri
richard.pieri at gmail.com
Mon Dec 22 15:49:37 EST 2014
On 12/22/2014 11:25 AM, John Abreau wrote:
> Now granted, these arguments are about whether slartssl should be in the
> firefox keystore,
I take the first citation as being a rant that StartCom should be held
accountable for Heartbleed fallout. No. It's not Vendor A's
responsibility to change the terms of a contract in a way favorable to
you and unfavorable to it when Vender B screws the pooch. Not even if
Vendor B is an open source project like OpenSSL and the pooch in
question is SSL itself.
The second citation is just a weak argument. Commercial CAs aren't it
for security. They're in it for money. I don't care if you name StartSSL
or Comodo or Symantec. They're all driven by profits first, security
somewhere after.
--
Rich P.
More information about the Discuss
mailing list