[Discuss] Who sells the least expensive SSL certs right now?

Gordon Marx gcmarx at gmail.com
Mon Dec 22 15:58:34 EST 2014


On Mon, Dec 22, 2014 at 3:49 PM, Richard Pieri <richard.pieri at gmail.com> wrote:
> The second citation is just a weak argument. Commercial CAs aren't it for
> security. They're in it for money. I don't care if you name StartSSL or
> Comodo or Symantec. They're all driven by profits first, security somewhere
> after.

Which is why the free cert, pay for revocation model makes so much
sense -- signing a CSR takes a one-time hit of some tiny amount of CPU
and bandwidth, whereas hosting an OCSP responder or equivalent takes a
lot more money and effort. Cert revocation is hard, and when things
are hard to do companies can often charge money to do them :--)

Gordon



More information about the Discuss mailing list