[FX.php List] [off] SSL Certs
Jonathan Schwartz
jschwartz at exit445.com
Sun Dec 12 20:35:19 MST 2010
Good advice, Leo. Thanks.
I don't have a green bar on my browser. That makes sense.
Bright idea... I'm going to leave it up to the client. Let them decide...and pay for the level of security they desire.
Jonathan Schwartz
Exit 445 Group
415-370-5011
On Dec 12, 2010, at 18:39, "Leo R. Lundgren" <leo at finalresort.org> wrote:
> I agree, I haven't ever heard of any non-technical person that looked at the padlock.
>
> If you want a higher level of trust, go for an EV cert (that gives you the green color in the address bar, so the customer knows it has been more extensively verified).
>
> On a security note, if you are running important sites, you might want to not use wildcard certs, but rather one cert per sub domain/service. Just in case it/they become compromised, then you don't want the attacker to be able to use one single cert to cover all your services. Better he compromises only one of them.
>
>
> 13 dec 2010 kl. 03.33 skrev Jonathan Schwartz:
>
>> Hi folks,
>>
>> I'm wondering if anyone has experience with the various quality levels and sources of SSL certs.
>>
>> All certs work, but for websites that do higher volume ecommerce, "they" say certs that require a higher level of verification to acquire from better sources are less likely to be an issue for discerning web users.
>>
>> I, for one, have never clicked on the padlock to examine the quality of the the cert.
>>
>> My default provider is rapidssl.
>>
>> Any feedback?
>>
>> Jonathan Schwartz
>> Exit 445 Group
>> 415-370-5011_______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
>
>
> -|
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
More information about the FX.php_List
mailing list