On Sat, Mar 25, 2006 at 10:22:34AM +1100, Philip Greggs wrote: > I'm sick and exhausted. For one and > only one reason. > > I'm paying thousands of dollars for > the damn ssl certificates. > > Can some one in plain English explain > to me why should I pay that much > money and what am I paying for exactly? > > That some company says - yes > he is who he says he is? > > Common, this is total scam :) > No?
Not total, but it's non-perfect situation to be sure! What you're paying for is a cert for which the cert authority cert is included in most browsers. But check it out sometime; I mean do you trust GoDaddy? (answer: you do, whether you think you do or not; even if you have never heard of them) Depending on who your clients are, I think you can quite easily get awway with not having a root trusted cert - and many do. Trouble is, if people get in the habit of accepting non-standard certs, it erodes the whole point of ssl. Otherwise, go through the companies listed in the certs builtin to your browser and find the cheapest! Matt -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
