Choosing an SSL CA?
zentigger asks: "I am looking at renewing some SSL certificates and checking out the various vendors. It seems that just about every major CA has some reason for not using them. Verisign is just evil, Thawte is owned by Verisign, Geocerts has a bad habit of spamming, and Godaddy uses a stupid chained cert that doesn't work for some appliances we have (and they won't let me check out using Firefox). I realize that I could just use a self-signed certificate, but we have too many stupid users that get all confused and whiny when something pops up and asks them unexpected questions. So I put it to you, Slashdot: what CAs do you recommend and why?"
Re:No Answer (Score:2, Insightful)
That is probably because it wasn't really a question, more sort of a flame against the idea of Certificate Authorities with some unoriginal gratuitous insults thrown in.
Without knowing what he wants to do with the certificate it is impossible to answer the question. If he just wants to connect up to his POP3 server via SSL then self signed is fine. If on the other hand he is setting up the online banking service for a money center bank he
The cheapest one (Score:5, Informative)
For god's sake, don't buy Veri-slime's 'Global Certificate' which was built to allow for a crippled 'international version browser', an idea which was abandoned 6 years ago. A quick check of their site leads me to suspect that they changed the name to 'Financial SSL Certificates for OFX'. I think that that Verisign product represents the last 'one percent', however I doubt if anyone should trust an SSL connection to those long outdated browsers.
Re:The cheapest one (Score:4, Informative)
GeoTrust is now Verisign (Score:4, Informative)
Unfortunately just last month Verisign announced its intentions to purchase GeoTrust. It might suck for any GeoTrust resellers, as Verisign was never very supportive of their resellers.
Here's the press release [verisign.com].
Re:GeoTrust is now Verisign (Score:2)
RegisterFly works fine (Score:1, Informative)
The register-fly website is an example of how not to dimension your server farm for a beautiful PHP driven app. That aside, their Cert. "just works" and whoever's auth. server it actually points to is pleasantly fast.
A recent article suggested similar: (Score:3, Interesting)
I think the most interesting post that time was that the US military and Microsoft [slashdot.org] both use self-signed ones -- which makes a pretty strong case that (if you're a B2B company) your company should sign it and your customers should add your company to the trusted authorities. If you're a B2C one, choose the cheapest one that Firefox and IE trust by default.
Small B2B probably shouldn't self-sign. (Score:2)
If you're a B2B company and have good recognition, like the U.S. Government/military and Microsoft both do, then by all means sign your own certificate. But if you don't have any name recognition, as Joe's Pretty Good Office Supplies might not, then you might still need to get a certificate signed by someone who d
Re:A recent article suggested similar: (Score:2)
Keeping your private key on a co-located server or on a CD in your CEO's liquor cabinet opens you to a world of potential hurt.
Re:A recent article suggested similar: (Score:1)
Re:The cheapest one (Score:2)
Re:The cheapest one (Score:1)
cacert.org (Score:5, Informative)
They have a great concept that should be supported.
Re:cacert.org (Score:4, Informative)
Re:cacert.org (Score:1, Insightful)
Re:cacert.org (Score:2)
If you don't have a proper trust fabric (provided by a commonly trusted CA in the SSL scenario), then all of your encrypted traffic is still vulnerable to a simple MITM attack.
Re:cacert.org (Score:1)
Only at the very beginning of a website request, when the SSL connection is being validated, and a MITM attack is only workable in a fully compromised network (in that case, a CC number would be 'chump change'). A more realistic exploit is a DNS exploit, where a criminal changes the IP address for a well-used financial site, and then uses a 'low-trust' cert authority to complete the 'spoof' of a correct SSL transaction
Re:cacert.org (Score:3, Interesting)
It is super easy to compromise a network. Try using ettercap sometime. It will ARP poison the switch, so that your switch port acts as an intermediary for all traffic on the subnet. Once you have that, you can also use ettercap to hijack SSL sessions. I've done this before, and it works great. The user gets the message saying "so and so.com sent you an invalid certificate? pretend that this is meaningless and blissfully send your SSN and passwords
Re:cacert.org (Score:2, Insightful)
Yet, somehow you did. Yeah! Good for you.
Yes, so then the internet isn't perfect. My 'key word' was REALISTIC exploit. (see next...)
On routers and a network you don't own? Just keep talking, and the FBI might just be examining you shortly.
...all the data they send to yo
Re:cacert.org (Score:2)
It's perhaps not something that's as easily done from half a world away like current phishing schemes, but that doesn't mean that it couldn't be employed on any number of semi-public networks. I'm thinking most commercial/residential broadband systems that are shared between clients (cable modem systems).
Re:cacert.org (Score:1)
And the FBI
Re:cacert.org (Score:2)
Well, it does foil sniffing, but it is also supposed to give you positive authentication of the HTTP sender, so that if you see "www.ebay.com." in Latin1 in the location bar and a padlock in the corner, you can be certain that you're actually talking to "ebay.com.", and not some guy in Novosibirsk that got some rogue records inserted into your DNS server.
SSL was absolutely supposed to prevent spoofing, which is a major tool in the toolbag of spammers and phishers.
Re:cacert.org (Score:2)
wrong! (Score:5, Informative)
Encryption without authentication is absolutely meaningless. There would be no way to detect a "man in the middle" attack -- anyone with access to the data stream could impersonate the other party and get the complete plaintext stream. Worse, the MitM could almost certainly insert or remove content at will. ("Almost" since it's possible that there's HMAC data at the application layer in addition to the network(?) layer.)
That's crypto 101 material. Any protocol designer that doesn't have MitM attacks as one of his top priorities should go back to his cereal box decoder rings.
SSL contains both strong mutual authentication and message digesting. One or both parties can choose to ignore information, but it's always their choice and they can refuse a connection unless acceptable authentication information has been provided.
Does this directly address spamming and phishing? No... but it guarantees that you can hold somebody responsible for it. That's why the "soft" side of the CA is so important - you're depending on the CA doing due diligence to ensure that 'paypal.com' is who they claim they are, not somebody with a maildrop. Generating and publishing the certs themselves is trivial.
As an aside, "SSL" does NOT mean that you're guaranteed an encrypted channel. A 'null' cipher exists for testing purposes and many administrators never realize that they should specify a minimal acceptable cipher strength. A malicious application or client could attempt to negotiate encryption down to nothing. Some of the other ciphers are only suitable for keeping your kid sister out of your stuff.
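The null-cipher point above in command-line form, as an added example that is not part of the post: `openssl ciphers -v` expands a cipher string into the suites it admits, and the check below flags any suite whose Au= (authentication) or Enc= (encryption) column is None. The two cipher strings are constructed for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit an OpenSSL cipher string for the
# two failure modes the post describes: suites with no encryption (Enc=None)
# and suites with no authentication (Au=None, the "anonymous" key exchanges).
# "openssl ciphers -v" prints one suite per line with columns
#   NAME PROTOCOL Kx=... Au=... Enc=... Mac=...
# so the Au= and Enc= columns are fields 4 and 5.

# weak_suites CIPHER_STRING: print every admitted suite that is null or anonymous.
weak_suites() {
  openssl ciphers -v "$1" 2>/dev/null | awk '$4 == "Au=None" || $5 == "Enc=None"'
}

# cipher_string_is_safe CIPHER_STRING: succeed (exit 0) only if no weak suite is admitted.
cipher_string_is_safe() {
  [ -z "$(weak_suites "$1")" ]
}

# Permissive string an administrator might set "to make it work": it admits the
# NULL-* suites, so a peer can negotiate encryption down to nothing.
PERMISSIVE='ALL:eNULL'
# Corrected string: strong ciphers only, anonymous and null suites excluded.
HARDENED='HIGH:!aNULL:!eNULL:!EXPORT:!MD5'

for s in "$PERMISSIVE" "$HARDENED"; do
  if cipher_string_is_safe "$s"; then
    echo "$s: no null or anonymous suites admitted"
  else
    echo "$s: admits $(weak_suites "$s" | wc -l) null or anonymous suite(s)"
  fi
done
```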
Re:cacert.org (Score:2)
If your "users" are in any way under your control (e.g. if the point of this is to let your colleagues use your intranet web-mail from home, or something like that) then you might as wel
Re:cacert.org (Score:2)
Re:cacert.org (Score:2)
Actually, for commercial use, it is irrelevant also. I don't trust any of the people who have allegedly done this, and I've only got their word that they did any checking. Come to that, I don't trust Thawte or Verisign either.
Re:cacert.org (Score:2, Interesting)
First, I'll agree that, yes, CAcert is not supported by anything I know of. Mozilla finally got its act together and published a policy [mozilla.org]. The ball's in CAcert's court, last I heard; they need to have an audit done.
As I understand it, the point of the system is not to act as a content filter, but simply to establish identity. For e-mail certificates with no name (just the address), they simply send an e-mail probe. For domains, they run a WHOIS and you select one of the e-mail addresses in the registration i
Re:cacert.org (Score:2)
As I understand it, TLS & SSLv3 do not support multiple virtual hosts on one ip/port. Would you mind providing a link for more info?
Re:cacert.org (Score:2, Informative)
Re:cacert.org (Score:5, Funny)
I'm not joking. Don't mod me funny. That's not a good thing for a certificate provider.
Re:cacert.org (Score:1)
The real problem, however, is convincing the major browsers to add cacert to their default trusted certificate authorities. Firefox already has a bug for this: https://bugzilla.mozilla.org/show_bug.cgi?id=2152
Re:cacert.org (Score:3, Informative)
And even if Firefox gets CAcert's root cert installed by default, the other 8/10 users are running IE. Does IE have this cert installed by default?
Re:cacert.org (Score:1)
Re:cacert.org (Score:2)
From Frank Hecker, the guy in charge of CAs:
Re:cacert.org (Score:1)
And I am serious, this is not meant to be funny either
Re:cacert.org (Score:3, Informative)
If I'm wrong, I'll be very happy; it'll be nice when anyone can get a free certificate that's associated with a root cert that everyone has (although I'm not sure whether this would destroy the whole point of certificates -- then again I'm not sure whether I care).
Simple (Score:4, Insightful)
Simple, if your customers can't shop on your site because there is some problem with the SSL, they will simply go somewhere else. They won't care about Verisign being evil, they won't care how doing business with them is wrong, they won't care what excuses you could give them. They simply will go somewhere else.
You are in the business of selling, not in the business of being moral and trying to explain it to someone else who may not agree with you. Most non-computer geeks types could give a fuck less on why you think Verisign is evil.
Troll? huh (Score:1)
Re:Troll? huh (Score:2)
That is what metamoderation is for, but quite a few people use that for voting as well. And then there are the people who mod down posts as 'overrated' in the hope the metamods don't catch them.
Re:Troll? huh (Score:2)
This is partly a UI design issue; browser UIs seem to be built around the idea that ssl=secure with the warnings as an afterthought. Though there is a school of thought that self signed certs on the web should be discouraged anyway as they really give little more than a false sense of security (sure it's encrypted but anyone can mitm it).
another thing is, i damn w
Re:Simple (Score:3, Interesting)
Re:Simple (Score:3, Interesting)
Re:Simple (Score:2)
Nah, I bet you they couldn't.
Thawte, who else? (Score:2)
I haven't found any reason to change.
Re:Thawte, who else? (Score:2)
Isn't a Thawte signature like hundreds of $$$ a year? That should be enough to make you want to change.
-matthew
Re:Simple (Score:1)
Why don't you just take the cheaper deal?
Or I still even think customers don't care to click 1 extra step for accepting some verification screen if the web tells you to click and it's safe and the price fits their demand... Why make cost on certificate? Not that they are going to put it in a great frame and mail it to you.
Re:Simple (Score:2)
The problem with Verisign isn't that they are evil. It is that they are EXPENSIVE. There are some very cheap CAs that will be happy to sign your cert and your customers won't know the difference.
-mat
Re:Simple (Score:1)
I use Comodo (Score:5, Informative)
They were the first company I found selling certs for $50 compared to Thawte which was around $200 at the time. Now we use a wild card cert which costs $449 + $10/server. We use it on 15 servers with 20 or so hostnames (*.url.com) right now. It makes it a hell of a lot easier to update and manage only one cert.
We have had no reported problems with browser compatibility.
Re:I use Comodo (Score:1)
Re:I use Comodo (Score:1)
Re:I use Comodo (Score:1)
Re:I use Comodo (Score:1, Informative)
Protip: While you might be wondering about that $10/server charge there, know this: apache 1.3.x (and I suspect 2.x) CAN in fact have SSL vhosts all sharing an IP provided that they all use the same SSL key and SSL certificate. Since they all use the same key, the encryption will be negotiated, then the actual vhost to use wi
Re:I use Comodo (Score:1)
I know those gotchas too. If you change anything in an SSL vhost you have to do full restart. There's nothing worse than f
Re:I use Comodo (Score:2)
You should rewrite them to do the job properly instead of your clumsy hack. I'm surprised you want to admit such sloppiness in public.
Re:I use Comodo (Score:4, Informative)
Re:I use Comodo (Score:2)
Who says it was a bug in Sun's code. Maybe the JVM just doesn't trust Comodo, in which case you have a gripe. Why should one pay for a cert that isn't trusted in everything the customer needs????
Re:I use Comodo (Score:2)
It seems like _everybody_ messes up the first time nowadays, so I'll take somebody who can fix their problems well.
Sorry (Score:2)
If you just need to work with any web browser released in the last 5 years, you buy a chained certificate from, well, just about anyone. Godaddy is my preference, but you can use ssl.com or any of the others. I don't recall having a problem checking out with firefox.
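The chained-certificate complaint in the submission (a "stupid chained cert that doesn't work for some appliances") and the "buy a chained certificate" advice above come down to one thing: a client that trusts the root but never received the intermediate cannot validate the leaf. The following is an added example, not part of the thread; it builds a toy root, intermediate and leaf with the openssl CLI, and every CA name, hostname and file name in it is made up.

```shell
#!/bin/sh
# Added example (not from the Slashdot thread): build a toy three-tier chain
# (root -> intermediate -> leaf) with the openssl CLI, then show why a server
# that sends only the leaf of a "chained" certificate fails validation on a
# client that trusts the root but never received the intermediate. Every CA
# name, hostname and file name below is made up.
set -eu
WORK=$(mktemp -d)
cd "$WORK"

# Extensions for the CA certificates (root and intermediate) and for the leaf.
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign\n' > ca.ext
printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:www.example.test\n' > leaf.ext

# Root CA: a CSR self-signed with its own key, marked CA:TRUE.
openssl req -new -newkey rsa:2048 -nodes -subj "/CN=Example Root CA" \
  -keyout root.key -out root.csr 2>/dev/null
openssl x509 -req -in root.csr -signkey root.key -days 2 -extfile ca.ext \
  -out root.pem 2>/dev/null

# Intermediate ("issuing") CA: CSR signed by the root, also CA:TRUE.
openssl req -new -newkey rsa:2048 -nodes -subj "/CN=Example Issuing CA" \
  -keyout int.key -out int.csr 2>/dev/null
openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -CAcreateserial \
  -days 2 -extfile ca.ext -out int.pem 2>/dev/null

# Leaf: server certificate for a made-up host, signed by the intermediate.
openssl req -new -newkey rsa:2048 -nodes -subj "/CN=www.example.test" \
  -keyout leaf.key -out leaf.csr 2>/dev/null
openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -CAcreateserial \
  -days 2 -extfile leaf.ext -out leaf.pem 2>/dev/null

# verify_leaf ROOT [INTERMEDIATE]: succeeds only if leaf.pem chains up to ROOT.
# The optional second argument plays the intermediate a well-configured server sends.
verify_leaf() {
  if [ $# -gt 1 ]; then
    openssl verify -CAfile "$1" -untrusted "$2" leaf.pem >/dev/null 2>&1
  else
    openssl verify -CAfile "$1" leaf.pem >/dev/null 2>&1
  fi
}

# Leaf alone against the root: the appliance symptom from the submission
# ("unable to get local issuer certificate").
if verify_leaf root.pem; then echo "leaf alone: verifies"; else echo "leaf alone: FAILS"; fi
# Leaf plus the intermediate: the chain closes and verification succeeds.
if verify_leaf root.pem int.pem; then echo "leaf + intermediate: verifies"; fi
```

The fix on the server side is to send the intermediate along with the leaf; on an appliance that cannot be reconfigured, the intermediate has to be installed into its trust store, which is the work the submission was trying to avoid.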
Can you trust a self-signed ? (Score:5, Interesting)
Re:Can you trust a self-signed ? (Score:2)
Deja Vu? (Score:2, Insightful)
Re:Deja Vu? (Score:3, Interesting)
We use imaging software (such as Ghost) and include the cert pre-installed in IE's "Trusted Root" and/or Mozilla's "Authorities" on every machine we roll out. This eliminated perplexed users calling about messages they don't understand.
Of course, we're not an e-commerce site, so this is purely an internal solution.
Re:Deja Vu? (Score:2)
FYI, IE7 makes visiting a site w/ a non-trusted cert even less palatable.
Avoid Thawte (Score:2)
ev1servers.net = $14.95 (Score:4, Interesting)
Re:ev1servers.net = $14.95 (Score:4, Informative)
Now if you really want to spend 13 times as much for a Thawte cert that functionally does exactly the same thing go right ahead. I prefer to keep the extra $184.05 in my pocket.
Comment removed (Score:5, Informative)
security requires a good verification process (Score:1)
Renewal, OTOH, is much easier. Basically you just click the buy renewal button and hand over the money.
Best deal I've found (Score:4, Informative)
Then move on to Simple-SSL.com [simple-ssl.com], $35 for two years or $44 for three years. Both certs are from RapidSSL.com [rapidssl.com] (aka GeoTrust, but I've never seen spam from them), so they work in all the browsers most people care about, but Simple-SSL.com is much cheaper than RapidSSL.com even though it's exactly the same product.
By the way, if anyone knows how to add additional certificates to a Motorola v551 mobile phone, please let me know...
Re:Best deal I've found (Score:1)
Check around HoFo [howardforums.com] -- I'm sure you'll find information there. It's probably just a matter of downloading the cert in the proper format (DER, PEM, whatever) in the built-in browser. Use openssl to convert formats if needed.
GeoTrust was bought by VeriSign last month (Score:3, Informative)
The news was made public 1 month ago with the announcement that almost all of GeoTrust's staff were being let go in a few weeks; VeriSign was the new owner and was going to consolidate operations.
GeoTrust is still in business right now, I know for a fact that they've got salesfolk answering the lines and their product lines haven't been shut down so as far as a certificate goes they're still as good as they were a month ago. And those certificate chains are a valuable asset and will no doubt be maintained indefinitely. However the package and pricing will likely change as VeriSign moves yet more solidly into the number 1 (and 2, and 3) spot.
Any regulation of this? (Score:2)
Hmmm, and I thought I had found a decent non-Verisign company. I wonder when these acquisitions qualify as anti-competitive.
Certificate Authority Market Share Report (Score:3, Informative)
http://www.securityspace.com/de/s_survey/data/man
Popularity does not equate to quality or value for price, but it often well correlates to it. At least you could use this as a starting point for investigation.