The Artist The Artist 1 1 gold badge 2 2 silver badges 6 6 bronze badges. Xander Thank you very much : Let me check it out. Xander After reading this , some say to go with the cheapest one while other answers say no because of some vendors have been hacked,etc.
Does this mean that in terms of features that I am getting, since another hack in the future is very unlikely, does it mean it is the same? Xander will I face any other problems assumed that there Comodo won't get compromised? Well i think it don't make any difference since if any CA get hacked you will be affected too i. Show 4 more comments. Active Oldest Votes. Improve this answer. Tom Leek Tom Leek k 26 26 gold badges silver badges bronze badges.
Could you educate me on what you exactly mean by "Customers are people; they tend to think about certificates as some magic things, and are not very rational about them. TheArtist You'd be surprised at how many people make this kind of decision without really consulting someone first.
I've done web admin and development as a side job , and I've already seen 4 instances of saying "You're going to need an SSL certificate if we want to run a proper online shop", only to have them come back to me with a super-expensive wildcard certificate costing several thousands. These are all people who I met in person, and can say that they don't really know jack-shit about general computers besides how to use a web browser.
Add a comment. Xander Steffen Ullrich Steffen Ullrich k 27 27 gold badges silver badges bronze badges. What do you mean by multiple domains from symantec? I dont see this feature on their website. Mike Ounsworth Mike Ounsworth But, other services that they offer like insurance can make difference on prices. Masoud Masoud 45 2 2 bronze badges. This answer may be true for DV certs, but the question is asking about EV certs which require many hours of humans doing background checks on the applicant organization.
These people are expensive. MikeOunsworth, I wrote that on my answer too, in the first line. Plus, it keeps me gainfully employed : I'm not attacking you personally. I just hate being ripped off like that. And it is a rip-off, no matter how you spin it. Not sure which CA you went with, but we re-validate each time you renew. I don't know about the premiums or your figures - could be right.
The same figures could well apply to many hosting companies though, and they don't have the insurance. Just an example. I don't believe it's a rip-off anymore. Hosting companies have actual, real expenses, such as hardware dedicated to each customer. I don't know what kind of kool-aid you've been drinking but these are the structures that I'm criticizing. That's why I'm calling for legislation.
Verisign and friends should be put out of business today rather than tomorrow. They have proven maliciously incompetent for long enough, really. They should be replaced with one government-operated CA per country. The government has better tools to validate identity than any privately held company anyways. Moreover this would finally enable Joe Sixpack to make meaningful guesses about which websites to trust.
Countries would quickly grow a reputation for certifying scammers or not. Browsers could offer customizable CA ratings where, for example, a site certified by Nigeria triggers a popup warning.
The CAs could further establish multi-country validation for more trust. None of this is possible with the current oligopoly of "Verisign", "Thawte" and friends. Despite their insane revenue they're not even trying to improve the situation. They're not just slowing progress, they're actively pushing it backwards with brainfarts like those colored address-bars. All for the sole purpose of making the money-printer run even faster.
The government. Oh yeah great idea. So when you post something critical of the wrong official or say the wrong words on your website your certificate is summarily revoked. Some governments hello China may indeed do such a thing but if you have such drastic steps taken against you then your SSL certificate is probably the least of your worries. I'm not saying that this solution would be perfect and yes, most governments don't exactly have a flawless track record of managing, well, anything.
But no matter how screwed an actual implementation would end up - it can't get much worse than what we have now. Admittedly a government has relatively little motivation to make SSL good. But even that is still better than what we have today with the commercial CAs - those have a strong and frequently proven motivation to make SSL worse!
And you're telling me that companies that have to buy servers which break, go obsolete, and require power in the meantime , racks, cooling, warehouse space, backup power, and fast and redundant Internet connections, and setup a good way for people to manage their hosting not to mention support! And no, I'm not saying they don't have large costs. You can become a webhost with a couple of co-lo boxes for relatively little cost. You can't do that with a CA. Merchant accounst also have insurance.
Are these same? Please explain this too. I've bought numerous certificates in the past and there's rarely been any serious form of vetting. Can you give us a breakdown of roughly how much each of those activities costs, or is that private information? I doubt I can give too much information out publically, sadly. As for the level of vetting, a lot depends on who you bought it from, and what type of cert.
As for the level of vetting, a lot depends on who you bought it from, and what type of cert Which is part of the absurdity here. The CA's make us pay ridiculous fee's for the validation but can't even protect us from other CA's issuing certs for the same domain.
Why are people like Mike Zusman get certificates for already existing domains, which can then be used for extremely effective phishing attacks? The "verification" is a joke at best, harmful at worst. There is, you just need to know where to look. One of the things to note about SSL certificates: don't think you can renew them like you can a domain name.
When you renew, you get a new cert that you have to install on your server. So buying multiple years at a time can save you a lot of hassle and drive the cost per year down. Many certificate companies have bilked their customers into paying too much, but there is competition. It's just that people change slowly. For many businesses, it just isn't worth the hassle of switching.
Even a company that I used to work for used to pay nearly my salary to an outside firm for content management and they didn't even have a good CMS. So, many companies will just keep paying and it's one of those situations where the markup is more valuable than pushing additional units. He was looking at wildcard certificate prices. Sure, both of those are way lower than my monthly bandwidth costs, but it isn't exactly commodity pricing. I think you're missing the point. Wildcards obviously must be more expensive than single-certs because they have those extra 2 bytes in the common name.
These bytes don't pay themselves, you know? My understanding is the prices are high because there's an oligopoly. To have competition, all the major browsers would have to agree to let in more companies, and they're just not doing that.
Sorry, but that's incorrect. The major browsers will let you in - you just have to pass all their audits, comply to all their regulations, and commonly have a WebTrust audit The wildcard means it works for blah. Basically there are those "extended verification" certs that give you the green crap in the address bar.
Which I don't think users actually care about. And yeah, the whole SSL business is an insane racket. I don't know about racket, but you can read my other comments for, I hope, some more insight. As for the green-bar - I'll admit it's taking some time to get hold, but testing not just from my CA, but all of them has shown consumer awareness is increasing and people are inclined to 'trust' the green a bit more.
Mind you, the same users will stick their bank login details on a phishing page with no ssl hosted on some. Sorry, despite my many posts in this thread already I can't resist to vent about the green-bar stunt, too.
So, one day the CAs discovered that their regular certification procedure is broken. That the "normal" certs are effectively unfit for their stated purpose.
Am I the only one who would have expected them to go back, properly re-validate their certs and fix the problem that way? Or at least perform this procedure at expiry time?
I mean, I understand that inventing new levels of "secure" with fancy colors even is a much more effective way to sell more certs and crank up the prices.
So, why to wait now? Grab the opportunity and purchase the right certificate as soon as possible from ClickSSL. You and your visitors will start reaping the benefits of this decision immediately! SSL certificate cost depends on your web security requirement. Here we are explaining how much does an SSL certificate cost to secure your website.
Types of SSL Certificates SSL certificates are divided into 6 different categories based on two criteria: the number of domains and subdomains they can protect, and the kind of validation process involved in getting them.
Single Domain SSL Certificate As per their name, these certificates protect only a single domain and subdomain in its hierarchy. Buy Now. Posted by ClickSSL.
Share on Facebook Share on Twitter. We Assure to Serve. Compare Close. We use cookies to optimize site functionality and give you the best possible experience. Learn more about cookies policy. I agree.
0コメント