I have seen studies showing that ecommerce checkout/cart servers do have
lower "abandon order" rates when using EV SSL. If you're going to have one
billing server hostname that you fully control (eg:
https://billing.ispname.com) it might be worth it.

Things like Paypal, online banking and other stuff do make extensive use of

It used to cost $395/year, now it's $85/year and dropping in price further.

The big change coming in both Chrome and Firefox is that any non-https page
will soon be marked as "Insecure" in the URL/address bar. You should have
https (TLS1.2) everywhere, on every sort of public facing httpd these days,
with at least a letsencrypt certificate.

On Mon, Apr 9, 2018 at 1:20 PM, Simon Westlake <simon@sonar.software> wrote:

> In 99.9% of cases, EV is useless. If you are going to educate your
> customers religiously to look not only for the green padlock, but for your
> name in the address bar, maybe it's worthwhile. Most people don't look or
> care. Google doesn't have an EV cert. Neither does Microsoft or Facebook.
> My power company doesn't. Most insurance companies don't.
> The only place I've seen them used heavily is in the financial sector, and
> I'd guess that's more about CYA than technical value.
> ------ Original Message ------
> From: "Eric Kuhnke" <eric.kuh...@gmail.com>
> To: af@afmug.com
> Sent: 4/9/2018 3:03:38 PM
> Subject: Re: [AFMUG] ssl certs
> these days there are essentially two types of SSL cert, DV and EV
> DV = domain validated. anyone can get one. this is the same idea for the
> $9 SSL certs and free letsencrypt. you only need to prove you control the
> domain/server it's issued for.
> EV = extended validation, you need to prove your corporate identity.
> should cost around $85/year.
> EV will result in the big green banner with company name in most modern
> web browsers.
> https://www.google.com/search?client=ubuntu&channel=fs&q=EV+
> SSL+certificate&ie=utf-8&oe=utf-8
> On Mon, Apr 9, 2018 at 11:59 AM, Steve Jones <thatoneguyst...@gmail.com>
> wrote:
>> tbh, im not really looking for alternative sources, im asking advice on
>> what i need in a certificate
>> On Mon, Apr 9, 2018 at 1:52 PM, Cameron Crum <cc...@murcevilo.com> wrote:
>>> ssls.com
>>> On Mon, Apr 9, 2018 at 1:02 PM, Steve Jones <thatoneguyst...@gmail.com>
>>> wrote:
>>>> Im no webdude is the main reason. I know alot of people use it,
>>>> phishermen love them. Theyre "trusted, but not verified" which, to no
>>>> webdude me, says "IT WILL BECOME UNTRUSTED". I hate godaddy, but theyre not
>>>> likely to become untrusted, so its not something id have to deal with with
>>>> little to no knowlege. plus I dont understand this 90 day thing
>>>> On Mon, Apr 9, 2018 at 12:08 PM, Mike Hammett <af...@ics-il.net> wrote:
>>>>> Can you use Let's Encrypt?
>>>>> -----
>>>>> Mike Hammett
>>>>> Intelligent Computing Solutions <http://www.ics-il.com/>
>>>>> <https://www.facebook.com/ICSIL>
>>>>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb>
>>>>> <https://www.linkedin.com/company/intelligent-computing-solutions>
>>>>> <https://twitter.com/ICSIL>
>>>>> Midwest Internet Exchange <http://www.midwest-ix.com/>
>>>>> <https://www.facebook.com/mdwestix>
>>>>> <https://www.linkedin.com/company/midwest-internet-exchange>
>>>>> <https://twitter.com/mdwestix>
>>>>> The Brothers WISP <http://www.thebrotherswisp.com/>
>>>>> <https://www.facebook.com/thebrotherswisp>
>>>>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
>>>>> ------------------------------
>>>>> *From: *"Steve Jones" <thatoneguyst...@gmail.com>
>>>>> *To: *af@afmug.com
>>>>> *Sent: *Monday, April 9, 2018 12:07:04 PM
>>>>> *Subject: *[AFMUG] ssl certs
>>>>> Our current cert for our billing server (powercode) is about to
>>>>> expire. For some time web browsers have been throwing up the insecure 
>>>>> flag,
>>>>> probably needed to update it.
>>>>> What does a guy need in a certificate these days? godaddy is where we
>>>>> have it from, they have all kinds of options like green bar guarantee 
>>>>> cert,
>>>>> etc.
>>>>> I have thought about getting one thats good for more than one page,
>>>>> just to get rid of the annoying security screen on our managment port and
>>>>> mobile. but the wildcard cert seems more pricey than id prefer for
>>>>> something thats just convienient rather than needed

Reply via email to