Ask HN: How are GoDaddy SSL certificate's so cheap? Does anyone know how/why this is the case? Also, does anyone have one of these guys? If so, can you comment either way on your experience with it? |
Ask HN: How are GoDaddy SSL certificate's so cheap? Does anyone know how/why this is the case? Also, does anyone have one of these guys? If so, can you comment either way on your experience with it? |
Cert issuing companies are in business because they somehow got Firefox, IE, Opera, etc., to include their authority certificate by default in the browser.
You could start your own competing service but you'd somehow have to overcome that obstacle.
Second, many of those companies offer "business validation" services. This is the more expensive cert, maybe $400 or more. They make sure you have a D&B number, and ideally do a bit of auditing to be sure that you are legit.
So if you are one of those companies and you can make money just for selling a cert, and without having to do any sort of audit, why wouldn't you? With such a basic cert you are mostly just allowing users to have ssl transport without an annoying browser message. That is worth something.
There are even cheaper ones that use a second cert which I think is just a basic part of SSL. You could buy a cert and then issue certs, and as long as the web server includes the full chain, it should be OK.
They are so cheap because GoDaddy does everything with a metric fuckton of volume.
It's about time, though.
My prime numbers are as good as Thawt's but they have the browser recognize their's and not give the scary 'request for security exception' warning that a lesser cert maker does.
The fix is in. It's a scam.
Any experience with the EV certs?
IMHO, this seems like it might be a good way to add user confidence if you're going the route of a lessor market brand.