If they had announced this before the Let's Encrypt[0] initiative it would have been more impressive, but still it is a nice gesture to offer these for the month or two that people are still buying them. I wonder if it is a preemptive move to keep customers from taking their certificates elsewhere, as you will be able to do with the Let's Encrypt certs?
Reading the rest of the announcement, It looks like they are slowly catching up to Gandi.net, who have offered free one year certs and other features (two-step verification and domain privacy) for a while now.
They are a bit behind the curve compared to better Registrars but still light years ahead of garbage like GoDaddy, etc, so good on them for offering this.
Even in a world where Lets Encrypt exists and actually provides free certs, I don't want a world where they become the SPOF for all certs, and I can't even imagine that they want that world.
Insofar as I can guess the end-game, it seems like they want to offer free certs so that providers like EuroDNS do exactly this. That way we have lots of providers offering free certs and competing on features and security rather than cost.
> It looks like they are slowly catching up to Gandi.net, who have offered free one year certs
As far as I know, you only get a free certificate with a new domain registration, so after the first year, you'd still need to pay an annual renewal fee for the certificate.
They charge for revocation, so it negates the entire idea of a "free certificate" if you can't properly revoke them without forking over money. It literally breaks the entire idea of revocation.
No, we don't. The CA is supposed to verify the owner of the certificate and stand behind that with a financial guarantee. Otherwise, it's just security theater.
True, it's not the cheapest but EuroDNS is more service oriented with a free mailbox, a free ssl certificate, 4 name servers with Anycast nodes. And the renewals remain usually at the same price, and not the first year under the real cost price as some does in the industry.
"For an additional fee you can add a wildcard to the Alpha SSL certificate meaning that the certificate can be used on an unlimited number of subdomains and servers. The wildcard option allows for additional subdomains or servers to be added in the future."
That allows CloudFlare to MITM your SSL, so I'm torn on whether it's better than plaintext. Sure, it reduces the points where people can read your data down to one, but it also makes SSL go from "definitely secure to the server" to "probably secure".
Hi @dingaling, I'm working at EuroDNS and I confirm you that this is not only a promotion, but it will be free for the lifetime of your domain at EuroDNS.
Hi, you could have blog.yourdomain.tld and yourdomain.tld in the same certificate for free.
edit: to make it simple you have the right of one sub domain and the root domain without subdomain. As soon as you need more than one, you will need to go for a wildcard (which is not free).
tombrossman|11 years ago
Reading the rest of the announcement, It looks like they are slowly catching up to Gandi.net, who have offered free one year certs and other features (two-step verification and domain privacy) for a while now.
They are a bit behind the curve compared to better Registrars but still light years ahead of garbage like GoDaddy, etc, so good on them for offering this.
[0]https://letsencrypt.org/
akerl_|11 years ago
Insofar as I can guess the end-game, it seems like they want to offer free certs so that providers like EuroDNS do exactly this. That way we have lots of providers offering free certs and competing on features and security rather than cost.
JoshTriplett|11 years ago
As far as I know, you only get a free certificate with a new domain registration, so after the first year, you'd still need to pay an annual renewal fee for the certificate.
dtech|11 years ago
StartCom/StarSSL has provided fully free certificates for some time: http://www.startssl.com/?app=1
edit: Title is now clearer, I believe the "to customers" portion wasn't initially there. Or I just suck at reading.
feld|11 years ago
They charge for revocation, so it negates the entire idea of a "free certificate" if you can't properly revoke them without forking over money. It literally breaks the entire idea of revocation.
This was made very clear when Heartbleed happened
higherpurpose|11 years ago
pushrax|11 years ago
Animats|11 years ago
0x0|11 years ago
aadlani|11 years ago
_sandb_|11 years ago
"For an additional fee you can add a wildcard to the Alpha SSL certificate meaning that the certificate can be used on an unlimited number of subdomains and servers. The wildcard option allows for additional subdomains or servers to be added in the future."
... so no wildcards for free. fyi.
pixl97|11 years ago
slezyr|11 years ago
izietto|11 years ago
jgrahamc|11 years ago
Alternatively you could use CloudFlare's Universal SSL: https://blog.cloudflare.com/introducing-universal-ssl/
StavrosK|11 years ago
oliao|11 years ago
aadlani|11 years ago
dingaling|11 years ago
It's not clear from their documentation whether your free single-domain cert will be renewed for free after that, so worth checking before rushing in.
aadlani|11 years ago
unknown|11 years ago
[deleted]
jagermo|11 years ago
Because I should really get on that
aadlani|11 years ago
edit: to make it simple you have the right of one sub domain and the root domain without subdomain. As soon as you need more than one, you will need to go for a wildcard (which is not free).