In 99.9% of cases, EV is useless. If you are going to educate your
customers religiously to look not only for the green padlock, but for
your name in the address bar, maybe it's worthwhile. Most people don't
look or care. Google doesn't have an EV cert. Neither does Microsoft or
Facebook. My power company doesn't. Most insurance companies don't.
The only place I've seen them used heavily is in the financial sector,
and I'd guess that's more about CYA than technical value.
------ Original Message ------
From: "Eric Kuhnke" <eric.kuh...@gmail.com>
Sent: 4/9/2018 3:03:38 PM
Subject: Re: [AFMUG] ssl certs
these days there are essentially two types of SSL cert, DV and EV
DV = domain validated. anyone can get one. this is the same idea for
the $9 SSL certs and free letsencrypt. you only need to prove you
control the domain/server it's issued for.
EV = extended validation, you need to prove your corporate identity.
should cost around $85/year.
EV will result in the big green banner with company name in most modern
On Mon, Apr 9, 2018 at 11:59 AM, Steve Jones
tbh, im not really looking for alternative sources, im asking advice
on what i need in a certificate
On Mon, Apr 9, 2018 at 1:52 PM, Cameron Crum <cc...@murcevilo.com>
On Mon, Apr 9, 2018 at 1:02 PM, Steve Jones
Im no webdude is the main reason. I know alot of people use it,
phishermen love them. Theyre "trusted, but not verified" which, to
no webdude me, says "IT WILL BECOME UNTRUSTED". I hate godaddy, but
theyre not likely to become untrusted, so its not something id have
to deal with with little to no knowlege. plus I dont understand this
90 day thing
On Mon, Apr 9, 2018 at 12:08 PM, Mike Hammett <af...@ics-il.net>
Can you use Let's Encrypt?
Intelligent Computing Solutions <http://www.ics-il.com/>
Midwest Internet Exchange <http://www.midwest-ix.com/>
The Brothers WISP <http://www.thebrotherswisp.com/>
From: "Steve Jones" <thatoneguyst...@gmail.com>
Sent: Monday, April 9, 2018 12:07:04 PM
Subject: [AFMUG] ssl certs
Our current cert for our billing server (powercode) is about to
expire. For some time web browsers have been throwing up the
insecure flag, probably needed to update it.
What does a guy need in a certificate these days? godaddy is where
we have it from, they have all kinds of options like green bar
guarantee cert, etc.
I have thought about getting one thats good for more than one page,
just to get rid of the annoying security screen on our managment
port and mobile. but the wildcard cert seems more pricey than id
prefer for something thats just convienient rather than needed