[FX.php List] [off] SSL Certs

Leo R. Lundgren leo at finalresort.org
Sun Dec 12 19:39:06 MST 2010


I agree, I haven't ever heard of any non-technical person that looked at the padlock.

If you want a higher level of trust, go for an EV cert (that gives you the green color in the address bar, so the customer knows it has been more extensively verified).

On a security note, if you are running important sites, you might want to not use wildcard certs, but rather one cert per sub domain/service. Just in case it/they become compromised, then you don't want the attacker to be able to use one single cert to cover all your services. Better he compromises only one of them.


13 dec 2010 kl. 03.33 skrev Jonathan Schwartz:

> Hi folks,
> 
> I'm wondering if anyone has experience with the various quality levels and sources of SSL certs. 
> 
> All certs work, but for websites that do higher volume ecommerce, "they" say certs that require a higher level of verification to acquire from better sources are less likely to be an issue for discerning web users. 
> 
> I, for one, have never clicked on the padlock to examine the quality of the the cert. 
> 
> My default provider is rapidssl. 
> 
> Any feedback?
> 
> Jonathan Schwartz
> Exit 445 Group
> 415-370-5011_______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list



-|



More information about the FX.php_List mailing list