Hacker News new | past | comments | ask | show | jobs | submit login

You forgot one step: "If you are proud of your work, then buy a certificate and sign your work"



Anyone have opinions on good SSL certificate providers or do you agree with the authors recommendation of http://startssl.com ?


They do what they say they do at a decent price. However, their web interface sucks. Absolutely and completely sucks.


This is one of those times I miss the upvote counter on HN. I think it's important for the makers of StartSSL to see just how many people agree with you that their interface completely sucks. Without the counter, it just seems like one person's opinion while I bet many people agree.


HN is not there for the marketing purposes of companies.


HN and all other web sites are there for whatever purposes their users wish to use it for, within the constraints of whatever actions are implemented on a site.

This is one of the things that infuriates me about StackOverflow and its army of article closing moderators. A real community will change its practices and perceptions over time according to the needs of the community. If you have a subset of people who decide what a site is for, forever and ever without change, then it's not a community, it's a cast. Or it's a system of castes.


So if the community (through an influx of new users) decides that the purpose of HN is to spread cat pictures and memes, you'll be cool with that?


No, I'd probably leave. Unless the cats were really interesting.


Welcome to how so many social sites died.


It wouldn't be HN anymore at that point.


This is true. Their prices are good but their web interface is horrible. I felt like I was driving something built in 1999.

That said, their customer service has been very good and very prompt.


Decent price?

It is at least 55 dolars too high.


It could be a bit cheaper, but I'd hope SSL certificate vendors would be putting some work into identity verification. You know, making sure the person with an @gmail.com e-mail is the right person to send the gmail.com SSL certificate to. That could mean manually checking scanned copies of legal documents, making some phone calls, maybe even faxing or sending some things by post. Look at all these requirements Mozilla have to include your CA certificate! http://www.mozilla.org/projects/security/certs/policy/Inclus...

$60 sounds a little high to me, but if you think you could do it for substantially less, why not set yourself up in competition with them?


Because I was commenting on the price for a dev certificate. There are already free ssl certificates for https that doesn't cost anything, or only 10 usd/year.


In that case, it is harder to provide. As far as I know, most SSL certificates just validate the domain name, while code signing certificates validate the developer/company identity.


I've been buying Comodo authenticode certs for years through KSoftware - http://codesigning.ksoftware.net/. The prices are much lower than buying directly through Comodo and the service is excellent.

If you're on Windows, one thing to keep in mind is to use IE or Firefox when buying the cert. After the purchase is approved, you need to navigate to the site in the same browser that you purchased it, and only IE and FF are supported.


http://www.digicert.com/ are good.


I totally agree that maybe people shouldn't be HAVE to buy certificates for their binaries. In that case you should be making moves towards eliminating that process, ignoring the fact that it's necessary in the current market and then being upset when you're missing 50% of your profits is a whole other story entirely.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: