Domain: startssl.com
Stories and comments across the archive that link to startssl.com.
Comments · 128
-
Re:*.example.com should also be banned
If your concern is the frightening warnings popped up by browsers, why don't you get a free certificate from startssl.com?
Startssl.com is recognized by all major browsers, checks your identity by a mail and phone callback, and issues as many "simple" certificates as you need. "Simple" meaning no wildcard, and no subject-alt-name. These are valid for one year.
If you do need more advanced stuff (wildcard, subject-alt-name), you can have StartSSL do a more "thorough" ID check. For this, upload a scan of two government-issued ID documents, and send them $49.90. They'll perform another phone check, and you're ready for "Class 2" certificates, which are valid for two years. You can still get as many as you want during the validity of your ID check (1 year).
You can't get cheaper than that (except for CaCert, but unfortunately CaCert is not recognized by the browsers by default).
-
Re:Certificate based security has lived
"Huge amounts"? GoDaddy offers widely-trusted certs (their roots are in all major browsers, and also chain back to the old ValiCert root so it works with ancient browsers) for about $13/year. Hardly "huge amounts".
StartSSL has their root in all major browsers, and they issue certs for free. (Naturally, they also offer Class 2 and EV certs for money, but their basic domain-validated certs are free.) While the PKI model has its flaws, StartSSL seems to be doing The Right Thing within the confines of the model (4096-bit roots, 2048-bit minimum key length, checks for weak keys, no internal/unqualified names, etc.).
-
Re:One thing we could use in web browsers
You mean like http://www.startssl.com/ already does this? For free for the current CA-system.
-
Re:Comodo is quite lax on paperwork requirements
Dirt cheap? How about free: https://www.startssl.com/
-
Re:And the CAs do ... what again?
Now that I think about it.
Doing self-signed is not needed anyway? Because why do you do self-signed? Because you don't want to pay for it?
That problem was already solved last year:
-
Re:And the CAs do ... what again?
Paying for SSL-certificates is not needed anyway: https://www.startssl.com/
-
Re:And the CAs do ... what again?
Don't know.
But you can go to https://www.startssl.com/ and get the same 'domain-validation' service for free.
:-) -
Re:Correct
http://www.startssl.com/?app=1
Supported by every browser under the sun, all for absolutely free. (Full list of supported browsers at http://www.startssl.com/?app=40)
-
Re:Certs are a pain
How about free?:
Works in any desktop browser.
NICE!! Going to take this to the people in charge and see what happens. Thank you for the link!
I can even use this in my personal server stuff. -
Re:Haven’t we been here before?
My two favorite CAs so far on price:
http://www.trustico.com/ - $20/yr for class-2 (Identification verified)
http://www.startssl.com/ - Free for class-1.
They don't verify who you are beyond what you type in the text box, but if money is not involved (CC numbers and the like) then that shouldn't be an issue. -
Re:The cost has been too high
a) A signed (not self-signed!) SSL cert, which means that you have to hand over a not insignificant amount of cash every year or two, otherwise your server will cause strong warnings on every browser out there.
b) A dedicated IP address, since a standard SSL certificate is bound to a particular address.
For 'A', there are now certificate authorities that are much better priced than Verisign.
http://www.trustico.com/ sells RapidSSL class-2 certs for $20/yr
http://www.startssl.com/ has free class-1 certs (the cert makes no claim that you verified your identity with them), and class-2 certs for $45/yr (I'd go with a RapidSSL cert for that).
The advantage to a class-2 cert is mainly when accepting things like credit card numbers, so the user ideally can check and know who they are sending it to.
But for sites that just use accounts for login and money isn't involved, there is nothing wrong with a class-1 cert. One wouldn't need to know Slashdot's address and business name for example; as long as the name doesn't up and change on you, you'll know you are sending the username/password to the same place each time.
For 'B' however you're spot on.
In the next year or two the cost of a static IP address is likely to be as high or higher than the cost of the certificate :/
Name-based websites are the #1 reason that's generally out of your control that is holding back https everywhere.
-
Re:Correct
Certs are no longer $100/yr, if you shop around a little. Trustico has provided perfectly functional certs for $20/yr for a long time (with discounts for multi-year purchases). I've been using them for several years. For a blog that has very cheap hosting, even the $20 doesn't necessarily make sense.
Startssl does it for free: http://startssl.com/
-
Re:Some reasons
It is not an issue because it is free:
-
Re:long discussion
What is your problem then? Price? That problem was solved last year when Opera added the root certificate for the free certificates from https://www.startssl.com/
Some people like StartSSL actually do try to improve things.
-
Re:virtual hosts, money
2. SSL for virtual hosts is not supported by Internet Explorer (yet another problem with IE)
I am not sure why it is not working for you, however it works for me. I tested my copy of Windows XP with IE 8 with my instance of Lighttpd which has four domains with a UCC/SAN cert for the four domains from StartSSL all hosted on a single IP address.
-
Re:Correct
4) Hosting https sites still requires a unique IP for each site. If I, a hosting provider, have 1000 sites on a server, I'd rather use one IP than 1000 IPs.
I am currently hosting 4 different domains on the same IP address using UCC / SAN Certificates. From providers such as GoDaddy, they tend to be pricey, however StartSSL provides unlimited certs for the cost of identity and organization validation ($50/year). It is now more of a hassle to add a domain to the server since now I have to revoke and re-issue the existing cert, but it does allow me to use SSL on one IP address for multiple second level domains.
-
Re:Because getting a signed SSL certificate is $$$
It is already free: https://www.startssl.com/
How much cheaper do you want it to be?
(yes you still need to pay your hosting provider, because of the extra IP-address/setup time unless you don't care about Android and IE/Safari on Windows XP)
-
Re:Certs are a pain
-
Re:Correct
1. Also some browsers now support "Strict Transport Security", which means if you visit a site once, the browser will automatically visit again with https the next time you visit it (it has a Time To Live value).
2. If more adopt it, so will they, or they will die.
4. 'Only' for as long as Microsoft does not fix SNI support (name-based virtual hosting for SSL/TLS) in Windows XP so IE and Safari can use SNI. Ohh, that won't happen. Windows XP has 51% of the Windows marketshare. :-( Or if we all get IPv6 of course... hmm.
5. You don't even have to shop around. SSL certs are free: https://www.startssl.com/
-
And because IPv4 addresses are scarce
There are reportedly free certificates through StartCom, but how does the server know which certificate to present to the client? The HTTP Host: header doesn't show up until after the connection has already been established. There is SNI, but a lot of deployed clients still don't support SNI; they need a distinct IPv4 address and port per server. End users expect all hosts to run on port 443, and we've run out of IPv4 addresses.
-
TLS cert is free; Authenticode cert isn't.
It's not that hard to get a certificate from a commercial certificate authority. Sure it costs some money, but then so does buying an SSL certificate.
A certificate for SSL/TLS is free from StartCom CA. The primary expense in SSL/TLS is getting a dedicated IPv4 address for incoming connections so that your HTTPS server can communicate on port 443 to Windows XP and other clients whose SSL stack can't SNI. An Authenticode certificate, on the other hand, cost $199 per year the last time I researched it, which was twice that of an iPhone certificate, and one had to have an established business to qualify for one.
-
Re:Now!
Then at least give the correct link: https://www.startssl.com/?app=1 !
-
Re:Now!
You should get one for free: http://www.startssl.com/?app=1
-
Re:Is free cheap enough?
If you bothered to visit the site, they say:
"StartSSL is the trade mark of the StartCom Certification Authority"
Look for StartCom in your list; it is there. If you want the "green identity" on the address bar, you need an EV (extended validation) cert. Supported browser list at the bottom of the page.
If you are using Firefox, you should do this to make non-EV certs "stand out":
about:config
browser.identity.ssl_domain_display > 2 -
Re:Try $40
And StartSSL is free: https://www.startssl.com/?app=39
-
Re:Is free cheap enough?
What could possibly go wrong?
-
Re:Inexpensive 3rd Party Solution
These people provide security for a living... right? Or am I missing something... I guess you get what you paid for.
-
Re:Private Certificate Authority
Sorry, but every certificate authority is manually distributed at some point, the Verizons of this planet included; they just have the convenience that browser manufacturers do that for them.
And there's the big difference.
The most automatic way to do what the main requester wants is to set up that certificate authority and roll out your browsers automatically after adding that certificate authority's root to that browser.
No, the way to do what the main requester wants is to get a free cert whose CA is recognized by most popular browsers. You can get some from: http://www.startssl.com/
Their "product" comparison: http://www.startssl.com/?app=40
You might be able to get free certs from elsewhere.
Apparently some sites sell RapidSSL wildcard certs for cheap. I can't remember which ones. Can't find them via RapidSSL's own website for some reason ;).
You have to understand the truth of the matter. Most people dealing with https don't really care that much about security. All they want is not to have those scary browser warnings.
If they really cared about security they would realize that most popular browsers by default do not warn you if a site's CA has changed, or a server cert has changed rather prematurely (I use Certificate Patrol for that). And that as long as this remains true, all the talk about https security is just talk.
So people should just solve the submitter's problem, and implying he's incompetent or even calling him incompetent. Because how many of you are relying on https to keep stuff safe and have CA certs in your browser from CAs you do not trust?
FWIW how many of you really trust Verisign? Stick your hand up if you're that incompetent (http://en.wikipedia.org/wiki/Verisign#Controversies). Guess who signs zillions of certs though, and what happens if you don't tell the browser to trust Verisign's certs. Guess who signed a fake Microsoft cert? http://www.cert.org/advisories/CA-2001-04.html
So just accept that those certs are mainly to make people feel safe and make the browser warnings go away.
-
Re:Inexpensive 3rd Party Solution
Also, their free and paid certs are issued from different intermediate certificates that are chained back to the same root. Browsers have the root in their "trusted CA" list, but you, the server admin, need to supply the appropriate intermediate to complete the chain. They are available from http://www.startssl.com/certs/
For example, if you're using a free, Class 1 server cert, you need to configure your server to supply both the server cert and the sub.class1.server.ca.crt intermediate certificate. If you're using a paid, Class 2 server cert, you need to supply the server cert and the sub.class2.server.ca.crt intermediate.
Many CAs use such chained intermediate certs these days, so it's not uncommon.
-
Re:Is free cheap enough?
If by "nice colored emblem", you mean the blue indicator next to the address bar and the padlock icon in the bottom-right, yes. It works fine. No scary warnings or anything. Such standard SSL certificates are fully trusted by Firefox, and are free of charge.
If, however, you mean the green Extended Validation indicator next to the address bar, this also works fine, but costs a bit of money. Not a big deal.
Either way, the browser will trust the cert without warnings.
Yes, it will be more transparent to the user than using a self-signed certificate. Self-signed certificates present scary warnings, as they are not signed by a trusted CA. StartSSL-issued certs are trusted by many browsers. See http://www.startssl.com/?app=40
StartSSL certs are accepted without warnings by Android and iPhone.
-
Re:Inexpensive 3rd Party Solution
I'm going to hop on this one too. StartSSL.com has been one of the best things I've ever found on the internets. I use it to secure all my websites, internal and external. They are also setting up a Web of Trust (WOT) to help build their community. If anyone in the Midwest needs me to notarize them for the WOT I can do that. Just look me up at http://taddevries.startssl.com/
-
Re:Inexpensive 3rd Party Solution
They changed root certs several years ago. The new root is included in Firefox and many other browsers by default. See http://www.startssl.com/?app=40
The cert doesn't come out-of-the-box with Windows, but the first time someone visits a site with a StartSSL-issued cert and a browser that uses the Windows cert store (IE, Chrome, etc.), Windows will check with Microsoft's online cert store and download the root. This takes a few seconds, but only needs to be done once. After it gets the root from Microsoft, it keeps it locally. This works fine for regular, internet-connected systems, but on a completely isolated intranet it may be problematic.
-
Re:Is free cheap enough?
mod parent up - great service.
-
Is free cheap enough?
-
Inexpensive 3rd Party Solution
https://www.startssl.com/
An Israeli company with inexpensive SSL (and other certs). I would also point out the prices they have for Extended Validation SSL certs. -
Re:Ridiculous And Totally Not Helpful
Because certs from "trusted by default" organizations are ridiculously expensive.
Some are free:
http://www.startssl.com/?app=1
http://www.startssl.com/?app=39
The Startcom CA cert appears to be installed in current versions of Firefox, Google Chrome and IE.
-
Re:Two reasons for SSL
Simple SSL and S/MIME certs can be had here: http://www.startssl.com/. I'm not affiliated with them, but I have gotten a few certs from them. You can't beat the price, and their support is timely and helpful. You have to pay for more advanced certs like multiple names, wildcard, etc...
-
Because the help to get there is lacking
As I see it, the problem is less with the technology, and more with providers' lack of steering users there:
1. While this is definitely better these days, in the past, it was common for POP3 tutorials from e-mail services, or FTP tutorials from hosting providers, to describe the unencrypted way of getting in - no doubt because it was the easiest way to get the customer what he wants, and least prone to errors. Many people who learned how to do what they're doing are probably not even aware their connection is unencrypted, or that they could, in fact encrypt it. And even if - they'd probably argue "What for? Why would anyone want to steal the password to my e-mail account?".
2. Redirects. It's a very simple thing: Automatically redirect users to the HTTPS version of websites. No user thinking involved - just set it up and let them enjoy the shiny padlock. Yes, the very large players do this automatically for logins, but the vast majority of small websites, e.g. mom and pop running an osCommerce installation, do not. The user enters through unencrypted HTTP, and proceeds to do what he wants unencryptedly. Had the server just redirected him to the secure site as he entered, he would do the exact same stuff, not having to waste a thought about security, and would still be secure.
3. Lastly, setup. I have a small VPS, and I, in fact, recently tried to set up SSL security for the sites I host. I can't. At least not within a reasonable threshold of effort. Why? Because SSL sucks to set up for virtual hosts. The only thing I could easily do is set up one certificate per IP, and I only have one shared IP for all accounts. Add to that Mozilla's oh-so-brilliant decision to auto-block self-signed certificates, and you end up in a situation where many smaller and non-corporate admins would like to employ secure connections, but they can't, because the setup is needlessly complicated, the easy ways to do it are being blocked, and basically the only way to actually get there is shell out more money.
The Mozilla team justified its decision to auto-block self-signed certificates with the fact that one can get "real" certificates for free from StartSSL. Well, I went there. I tried. I utterly failed. Because having a free certificate for every domain doesn't mean jack shit if you can only deploy a single one - or would have to dig deep into the config for hours to get it working for all of them.
I mean, we're talking about a situation where it's easier to tell all users to whitelist an "invalid" (self-signed) certificate than to get real certificates working properly. ...and that's all not taking into account that certificates expire, and once you committed to going "real", getting new certificates for all sites becomes a periodic task.
Summary: On principle, the technology works fine, but The Powers That Be are not using their powers to quietly encourage its adoption (e.g. by just not offering unencrypted FTP anymore, period), and those responsible for the technical side have created a system where it just sucks to offer encryption.
If the users are not encouraged to use encryption, and the admins are discouraged from offering it - how prevalent can it get, really?
-
Re:Self-signed is no good.
https://www.startssl.com/ StartSSL is offering free SSL certificates. From the fact that the link above displays the EV green bar on my browser, I believe these free SSL certificates won't display any untrusted warnings.
-
Re:Anything beats Safari on iPhone
You can't even load a CA signing cert, or permanently accept a specific cert.
Sure you can. To add a custom CA cert, just make a link to it and have the user explicitly touch that link. Make sure the MIME type for the reply is application/x-x509-ca-cert. Try it and if it doesn't work, shout, but it should.
I'd imagine the same thing will work for a site cert, only with a different MIME type, but I'm not certain. Either way, given that StartCom issues free basic SSL certificates, the only sane reason to use a self-signed cert is for doing over-the-air enrollment with SCEP. For everything else, you should just spend five minutes at http://www.startssl.com/ and create yourself a real SSL cert.
-
Re:Not the same, in several aspects
There are still free sources of SSL certs. Mainly StartSSL. The process isn't as simple as Thawte was but it is still easy. Here is my howto to use it on a Mac.
Overall I disagree with all of your assertions:
1) Managing s/mime keys is just as annoying as PGP keys.
2) Not "everyone and their dog uses pgp keys" in fact your first statement about S/MIME seems to hold: Only larger corporations use PGP.
3) The meaning I want and convey with a S/MIME signature is that this email address has obtained a key from the key cert. This is very useful in showing people that you are not spoofing email addresses. -
Re:it's the browser implementation
Why? StartSSL's free certificates are recognised by the major browsers by default. Hell, you can even get $40 code signing certificates from them.
-
Re:I liked netscape's method
Yeah, well, we'd all like to see Verisign and the like not charge a fucking arm and a leg for a cert used to secure a webmail server, a mythweb server, etc.
I use StartSSL, they're a pretty decent provider of free class 1 certs, and their root certs are already in every major browser except IE, and they provide a nice lil' page that you can link to, to install the root certs into IE (after clicking through like 8 IE warning dialogs, no joke). They also use RSA for the signing algorithm, not that MD5 crap. You can also add their root certs to the domain certificate policy in Active Directory to get the root certs automatically distributed to all the IE users in your domain. -
Re:Maybe Firefox will Chill Out now
Get a free certificate, then. http://www.startssl.com/ generates basic certificates at no charge. It works in most major browsers, and IE support is expected in the near future. Now that startssl exists, there's really no excuse for self-signed certs even inside a corporate firewall, much less for a real public website.
Free, schmee, that is not the problem at all. Why in hell should I trust someone ELSE to verify my ownership of a domain name on MY internal network? The real problem is everything using their own damn CA lists, making it impossible for us to easily publish internal CA certs. Subversion has one, Windows has one, OS X has one, Gnome probably has one, Firefox has one, Java has one, SSH does NOT have one, etc, etc, etc.
Why aren't CAs delegated just like DNS is? I own all of foobar.net, so grant me an intermediate CA responsible for only *.foobar.net and let me verify & issue certs for my own fraking domain names (internal or NOT!). It is much easier to chain an intermediate cert to the server than add a new internal CA to the clients. Obviously, distributing trust to the rightful owners cuts the CA roots out of their silly trust monopolies.
The determination of who owns a domain name TWICE, for registration & certification is a straight up failure. Own the domain, you should own the CA authority, stop owning it, your cert chain is revoked.
-
Re:Maybe Firefox will Chill Out now
Get a free certificate, then. http://www.startssl.com/ generates basic certificates at no charge. It works in most major browsers, and IE support is expected in the near future. Now that startssl exists, there's really no excuse for self-signed certs even inside a corporate firewall, much less for a real public website.
-
Re:Security is a social issue. Educate!
I'd like to see fewer people using self-signed certificates that train users to ignore SSL warnings.
Yeah, well, we'd all like to see Verisign and the like not charge a fucking arm and a leg for a cert used to secure a webmail server, a mythweb server, etc.
I use StartSSL, they're a pretty decent provider of free class 1 certs, and their root certs are already in every major browser except IE, and they provide a nice lil' page that you can link to, to install the root certs into IE (after clicking through like 8 IE warning dialogs, no joke). They also use RSA for the signing algorithm, not that MD5 crap