WingNews logo WingNews
top | item 5509719

(no title)

luser001 | 13 years ago

Serious question: why do you want it to be free?

I paid $10 for an SSL cert. Isn't that low enough?

discuss

order

dangrossman|13 years ago

There are several billion people for which that's significant, whether because of where they live, or their age, or access to credit cards to make purchases online easily. $10 more than doubles the minimum cost of having a website on your own domain.

why-el|13 years ago

Thank you. I have said this many times. I have 10 dollars, but unlike the US or some other developed country, I can't just ship it overseas.

duskwuff|13 years ago

It saddens me that every domain registration does not come with a free domain-validated SSL certificate.

cdjk|13 years ago

I think this is what's going to drive the adoption of DNSSEC: free, DNS-validated SSL certs.

IPv6 should address the other problem - namely, that SSL certs are per-ip, not per-hostname, which makes hosting multiple sites a pain with IPv4. Or SNI could work, once Windows XP is truly abandoned.

simoncion|13 years ago

gandi.net provides a single-address SSL cert free-of-charge for a year with a domain registration or transfer. See: http://www.gandi.net/ssl :)

jiggy2011|13 years ago

They're also a PITA to setup. A lot of amateur webmasters have only just figured out FTP and wordpress. The whole CSR , key gen ritual is another big barrier.

dangoldin|13 years ago

It's gotten a lot easier - especially for AWS users and being able to have it dealt with by the load balancer.

nwh|13 years ago

> Serious question: why do you want it to be free?

If I wasn't at least a little bit clever with my spending, I would have a lot more difficulty paying my rent.

Why would I want to pay if there is alternatives offering the same product at no cost?

dkokelley|13 years ago

> Why would I want to pay if there is alternatives offering the same product at no cost?

Because free isn't necessarily a sustainable model given the current CA environment. Any server can generate its own certificate, but this does little to verify the identity of the server you are connecting to.

My point is that CA's provide a service that can't reliably be accomplished for free (yet - the CA model has many of its own issues). If you can find one for free, I would be lead to ask "what are their motives for providing this service to me?"