Choosing an SSL CA?
zentigger asks: "I am looking at renewing some SSL certificates and checking out the various vendors. It seems that just about every major CA has some reason for not using them. Verisign is just evil, Thawte is owned by Verisign, Geocerts has a bad habit of spamming, and Godaddy uses a stupid chained cert that doesn't work for some appliances we have (and they won't let me check out using Firefox). I realize that I could just use a self-signed certificate, but we have too many stupid users that get all confused and whiny when something pops up and asks them unexpected questions. So I put it to you, Slashdot: what CAs do you recommend and why?"
For god's sake, don't buy Veri-slime's 'Global Certificate' which was built to allow for a crippled 'international version browser', an idea which was abandoned 6 years ago. A quick check of their site leads me to suspect that they changed the name to 'Financial SSL Certificates for OFX'. I think that verisign product represents the last 'one percent', however I doubt if anyone should trust an SSL connection to those long outdated browsers.
The grass is only greener, if you don't take care of your own lawn.
cacert.org
They have a great concept that should be supported.
I've never had any problems with their service on SSL: Personal Sites
Verisign is the choice since they are the most well known.
Simple, if you customers can't shop on your site because there is some problem with the SSL, they will simply go somewhere else. They won't care about Verisign being evil, they won't care how doing business with them is wrong, they won't care what excuses you could give them. They simply will go somewhere else.
You are in the business of selling, not in the business of being moral and trying to explain it to someone else who may not agree with you. Most non-computer geeks types could give a fuck less on why you think Verisign is evil.
Linux O Muerte!
http://comodo.com/
They were the first company I found selling certs for $50 compared to Thawte which was around $200 at the time. Now we use a wild card cert which costs $449 + $10/server. We use it on 15 servers with 20 or so hostnames (*.url.com) right now. It makes it a hell of a lot easier to update and manage only one cert.
We have had no reported problems with browser compatibility.
I've used them too.
The register-fly website is an example of how not to dimension your server farm for a beautiful PHP driven app. That aside, their Cert. "just works" and whoever's auth. server it actually points to is pleasantly fast.
Mod down to nothing.
If you want a cert that's directly under the root, you buy Verisign. Thawte is Verisign, so you buy Verisign. Their business model is highway robbery but if you need to interact with stupidly broken appliances that's your tough luck.
If you just need to work with any web browser released in the last 5 years, you buy a chained certificate from, well, just about anyone. Godaddy is my preference, but you can use ssl.com or any of the others. I don't recall having a problem checking out with firefox.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
I think the most interesting post that time was that the US military and Microsoft both use self-signed ones -- which makes a pretty strong case that (if you're a B2B company) your company should sign it and your customers should add your company to the trusted authorities. If you're a B2C one, choose the cheapest one that Firefox and IE trust by default.
We use a self-signed CA, but being a corporate MS shop we force our CA's certs out as trusted through AD, so there's no difference between certs signed by our CA and certs signed by someone else. For me, it's brilliant. I can certify whatever I need to without having to cough up each time. It's only useful for internal users though. Obviously no good for public sites.
That is probably because it wasn't really a question, more sort of a flame against the idea of Certificate Authorities with some unoriginal gratuitous insults thrown in.
Without knowing what he wants to do with the certificate it is impossible to answer the question. If he just wants to connect up to his POP3 server via SSL then self signed is fine. If on the other hand he is setting up the online banking service for a money center bank he probably wants something that offers a somewhat higher degree of assurance.
Until recently there has been no differentiation as far as the user is concerned. That changes with Extended Validation in IE7 and the coming versions of Firefox.
The point of a certificate is that it should say who you are. If this does not matter in your application fine. If it does matter then get a cert that provides the necessary level of assurance for your app.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Wasn't this article previously posted weeks ago? Same answer as then: forget the CA, sign it yourself and make the required user ok of the resulting certificate part of the documented process for accessing your content. The CA system as implemented is just a bit of high tech profiteering. As far back as the 90s they were charging outrageous repeating fees -- and not really doing anything for the money, as the cases of CAs issued to fraudulent companies proved.
I realize that I could just use a self-signed certificate, but we have too many stupid users that get all confused and whiny when something pops up and asks them unexpected questions.
Er, no, self-signed certs are vulnerable to man-in-the-middle attacks. That's not being stupid, in fact you are the confused and stupid one for being completely ignorant of the security risks.
Looks like people have stopped reading moderator guidelines. "Do not mod based on whether it matches your opinion." But it's not followed, sadly. If anybody writes a lame post which goes with the ideology of the mods, it's insightful, but if you go against it, no matter how true your post is, it will be modded to oblivion. Don't believe me? Surf at -1, you will be surprised to see so many accurate, yet politically (slashdotically) incorrect posts. The parent is making a valid point. When you are selling something on your website, the average Joe user does not care about evil or good. All he/she wants is a site where no silly warnings pop up. Self-signed certificates scare even so-called geeks. You go to a shopping site and some warning pops up, bang, half your customers will get scared and not give their credit card info. Yes, a Verisign certificate or a Thawte one won't guarantee the site is not a scam, same as a notarized document does not mean the person is telling the truth. But guess what, the internet is full of clueless people who don't even know what these certificates are all about. All they care about is that no warning pops up. Heck, you can make them shop on a site which does not even use SSL. So if you want to make money, you have to compromise a bit on your morals, or pay a higher price, or get spammed, etc., etc. It's bad, but then life is never fair :)
There, now you can mod me into oblivion too because I disagree with the general flow, right?
My Aurora : http://www.youtube.com/watch?v=o91ZsGwJYyg
FB : https://www.facebook.com/TanveersPhotography
I would say to avoid Thawte. Every site that has ever tried to install a piece of dodgy-to-just-plain-unwanted adware/spyware seems to have their content certified by Thawte. To my way of seeing it, when you sleep with dogs...
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Gah - I have moderator points but there's no "incorrect" flag.
Encryption without authentication is absolutely meaningless. There would be no way to detect a "man in the middle" attack -- anyone with access to the data stream could impersonate the other party and get the complete plaintext stream. Worse, the MitM could almost certainly insert or remove content at will. ("Almost" since it's possible that there's HMAC data at the application layer in addition to the network(?) layer.)
That's crypto 101 material. Any protocol designer that doesn't have MitM attacks as one of his top priorities should go back to his cereal box decoder rings.
SSL contains both strong mutual authentication and message digesting. One or both parties can choose to ignore information, but it's always their choice and they can refuse a connection unless acceptable authentication information has been provided.
Does this directly address spamming and phishing? No... but it guarantees that you can hold somebody responsible for it. That's why the "soft" side of the CA is so important - you're depending on the CA doing due diligence to ensure that 'paypal.com' is who they claim they are, not somebody with a maildrop. Generating and publishing the certs themselves is trivial.
As an aside, "SSL" does NOT mean that you're guaranteed an encrypted channel. A 'null' cipher exists for testing purposes and many administrators never realize that they should specify a minimal acceptable cipher strength. A malicious application or client could attempt to negotiate encryption down to nothing. Some of the other ciphers are only suitable for keeping your kid sister out of your stuff.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
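The two failure modes this post describes, an "SSL" connection that never authenticates the peer and a cipher floor that lets the null cipher through, are both things an administrator can check in configuration before any packet is sent. The following is an added example written for this page, not code from the thread; it uses only the standard-library `ssl` module, and the function names, the `HARDENED_CIPHERS` policy string and the `WEAK_MARKERS` list are my own choices.

```python
"""TLS context hygiene: require peer authentication and refuse null or weak ciphers.

Added example (not from the thread). Standard-library ssl only; the helper
names and the cipher-policy string below are assumptions of this example."""
import ssl

# Policy assumed for this example: strong, authenticated suites only.
HARDENED_CIPHERS = "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!RC4:!MD5:!PSK:!SRP"

# Substrings that identify suites with no or negligible protection:
# null encryption, export grades, anonymous key exchange, obsolete algorithms.
WEAK_MARKERS = ("NULL", "EXPORT", "ADH", "AECDH", "RC4", "DES", "MD5")


def weak_ciphers(ctx):
    """Names of enabled suites that match a weak marker (TLS 1.3 suites are listed too and pass)."""
    return [c["name"] for c in ctx.get_ciphers()
            if any(marker in c["name"].upper() for marker in WEAK_MARKERS)]


def audit_client_context(ctx):
    """Return a list of findings; an empty list means the context enforces
    both peer authentication and a meaningful cipher floor."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not required: encryption without authentication")
    if not ctx.check_hostname:
        findings.append("hostname not matched against certificate: any valid cert is accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 allowed")
    findings.extend(f"weak or null cipher enabled: {name}" for name in weak_ciphers(ctx))
    return findings


def hardened_client_context():
    """Client context that verifies the server and refuses weak suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED and check_hostname are on by default
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(HARDENED_CIPHERS)
    ctx.load_default_certs()                         # platform trust store; no network access needed
    return ctx


def careless_client_context():
    """The failure mode the post describes: 'SSL' with no authentication, null cipher permitted."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be cleared before verify_mode may become CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE   # any certificate is accepted, so a MitM is undetectable
    try:
        # Allow null-encryption suites if this OpenSSL build still ships them.
        ctx.set_ciphers("ALL:eNULL:@SECLEVEL=0")
    except ssl.SSLError:
        pass  # the build refuses to enable eNULL at all; the audit will still flag the missing auth
    return ctx


if __name__ == "__main__":
    for label, ctx in (("hardened", hardened_client_context()),
                       ("careless", careless_client_context())):
        print(label, audit_client_context(ctx) or ["no findings"])
```

`get_ciphers()` reports what the context would offer, so the audit can run in a deployment check or a unit test without a live peer. The `verify_mode` and `check_hostname` checks cover the post's main point: without them the handshake still produces an encrypted stream, but to whoever answered, which may not be the intended party.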
Cheapest I've seen on the Net is ev1servers.net at $14.95 (about 8.50 pounds for UK folks). It works with almost all browsers, except for users running IE 5.0 or older that haven't upgraded the latest root certificate via Windows Update. What I did is write a script that scanned the access logs for IE 5.0 or older and displayed the percentage of such browsers - when it dipped below 0.1% (which it has already for about half the sites we manage), we switched from Verisign to the ev1servers.net secure cert and saved, wait for it, over 250 pounds per certificate!
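The decision procedure in this post, measure the share of browsers that lack the newer root and switch CAs once it drops below a threshold, is easy to reproduce. Below is an added example in that spirit, not the commenter's actual script: it parses Apache combined-format access log lines, classifies the user-agent field, and reports the percentage of IE 5.0 or older. The log lines are constructed for the demo, and the function names are my own; the 0.1% cut-off is the one the post uses.

```python
"""Share of legacy Internet Explorer (5.0 and older) in web access logs.

Added example, not the commenter's script. Log lines below are constructed;
helper names are assumptions of this example. Combined log format is assumed."""
import re

# Constructed Apache combined-format lines; only the trailing quoted user-agent matters here.
LOG_LINES = [
    '10.0.0.1 - - [10/Mar/2006:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)"',
    '10.0.0.2 - - [10/Mar/2006:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"',
    '10.0.0.3 - - [10/Mar/2006:10:00:02 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (X11; U; Linux i686; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1"',
    '10.0.0.4 - - [10/Mar/2006:10:00:03 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"',
    '10.0.0.5 - - [10/Mar/2006:10:00:04 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"',
]

UA_RE = re.compile(r'"([^"]*)"\s*$')        # last quoted field of a combined-format line
MSIE_RE = re.compile(r'MSIE (\d+)\.(\d+)')  # IE identifies itself with the MSIE token


def user_agent(line):
    """Return the user-agent string, or '' for lines without one (e.g. common log format)."""
    match = UA_RE.search(line)
    return match.group(1) if match else ""


def ie_version(ua):
    """(major, minor) for Internet Explorer user agents, None for anything else."""
    match = MSIE_RE.search(ua)
    return (int(match.group(1)), int(match.group(2))) if match else None


def is_legacy_ie(ua, max_version=(5, 0)):
    """True when the agent is IE at or below max_version; 5.5 and later are not legacy."""
    version = ie_version(ua)
    return version is not None and version <= max_version


def legacy_share(lines, max_version=(5, 0)):
    """Percentage of requests with a usable user-agent that come from legacy IE."""
    total = legacy = 0
    for line in lines:
        ua = user_agent(line)
        if ua in ("", "-"):
            continue  # no user-agent recorded; cannot classify, so leave it out of the denominator
        total += 1
        legacy += is_legacy_ie(ua, max_version)
    return 100 * legacy / total if total else 0.0


def safe_to_drop_legacy_root(lines, threshold_pct=0.1):
    """The post's rule: switch CAs once legacy IE falls below the threshold."""
    return legacy_share(lines) < threshold_pct


if __name__ == "__main__":
    print(f"legacy IE share: {legacy_share(LOG_LINES):.2f}%")
    print("safe to switch:", safe_to_drop_legacy_root(LOG_LINES))
```

Requests without a user-agent are left out of the denominator rather than counted as modern, so the percentage errs on the side of keeping the old root a little longer. In real logs, feed the function the lines from a file instead of the constructed list.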
Unfortunately just last month Verisign announced its intentions to purchase GeoTrust. It might suck for any GeoTrust resellers, as Verisign was never very supportive of their resellers.
Here's the press release.
That's right. Why is Verisign evil? What's wrong with these people saying that something is "just evil" without backing it up with ANY arguments.
Any large organization (say Fortune 1000 or better) is probably safe in using a self-signed root certificate and then forcing that root cert on its suppliers and client businesses, because they can, and because they have the name recognition necessary to make such a certificate worth something. A smaller organization, whether B2B or B2C, really doesn't.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
If you have to be used by millions of everyday users (ie, e commerce site), the answer is Verisign. Well known, trusted (by lawyers, this is more important than any technical issues if you are doing financial transactions), and way too expensive (but you have no choice, welcome to the CA oligopoly)
If you have a limited number of users, or especially if it is internal, use CACERT. Yes there is the headache of getting people to install the root but it is a one time thing and then you will never have to pay for a cert again.
Look, x.509 is a halfway decent (if over-engineered) concept that is just horribly implemented. Cryptographically it is very strong, and in theory provides very strong authentication, data integrity, and encryption. In practice it is a stupid binary trust system (you completely trust every cert signed by a CA for everything or you trust nothing signed by that CA), and the CA's have banded together to basically ensure there will never again be any competition. The requirements to get a CA into a browser are batshit insane. A gentlemen's agreement exists between MS, Verisign, et al (Netscape/Firefox just does whatever MS does) to make sure that someone would have to spend millions and have pricing similar to all of the others to get in.
Verisign has proven time and again that they are more than happy to sign a certificate for anyone capable of passing their stringent security checks which involve writing a check, so what makes them any more secure than CACERT? Nothing. Oh they have tamper proof hardware, vaults, and all kinds of james bond style doomsday devices hooked up to their secret underground bunker which houses the CA, but none of that matters if they perform the same authentication checks that CACERT does (can you receive email at the domain? Good you are in).
So don't get suckered into paying way too much for a string of bits if you don't have to. If running your own CA is not your thing (and it really is not all that hard, CA.pl which comes with openssl and an O'Reilly book is about all you need), go with CACERT. If this is not for something internal or something with a limited number of users that you could tell to download a CA, then break out your wallet and go to Verisign.
Finkployd
Then move on to Simple-SSL.com, $35 for two years or $44 for three years. Both certs are from RapidSSL.com (aka GeoTrust, but I've never seen spam from them), so they work in all the browsers most people care about, but Simple-SSL.com is much cheaper than RapidSSL.com even though it's exactly the same product.
By the way, if anyone knows how to add additional certificates to a Motorola v551 mobile phone, please let me know...
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
The news was made public 1 month ago with the announcement that almost all of GeoTrust's staff were being let go in a few weeks, VeriSign was the new owner and was gonna consolidate operations.
GeoTrust is still in business right now, I know for a fact that they've got salesfolk answering the lines and their product lines haven't been shut down so as far as a certificate goes they're still as good as they were a month ago. And those certificate chains are a valuable asset and will no doubt be maintained indefinitely. However the package and pricing will likely change as VeriSign moves yet more solidly into the number 1 (and 2, and 3) spot.
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.
When we started out, Thawte was really the only rational choice.
I haven't found any reason to change.
This list might be of use:
http://www.securityspace.com/de/s_survey/data/man.200603/casurvey.html
Popularity does not equate to quality or value for price, but it often well correlates to it. At least you could use this as a starting point for investigation.
I don't know about VeriSign, but Thawte does a real investigation before issuing a code signing certificate. They look up government documents, require you to send over company documents, call your notary, CEO, president of the board, things like that. If I recall it well, the first time it took about two weeks or so. If they say you're you, you are.
Renewal, OTOH, is much easier. Basically you just click the buy renewal button and hand over the money.
Yeah, you have to import their root, but it is free!
http://cert.startcom.org/
Here is a nice article answering your question: SSL: How to choose a certificate authority
However the package and pricing will likely change as VeriSign moves yet more solidly into the number 1 (and 2, and 3) spot.
Hmmm, and I thought I had found a decent non-Verisign company. I wonder when these acquisitions qualify as anti-competitive.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
I've had really good service from OmegaSphere. Their SSL Certificates are properly validated and issued with your information right on the certificate (rather than some silly ID # only system). Their tech support was more than happy to walk me through the problems I had (I hadn't done this before and didn't realize you need to get the name on the certificate the same as all your image links to avoid warning messages in some browsers) and seemed extremely competent. Prices are pretty reasonable. Given the service I had I will certainly buy from them again.