Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Why is there such a big difference in the prices of SSL Certs?

  • 25-11-2011 4:20pm
    #1
    Closed Accounts Posts: 2,743 ✭✭✭


    The cheapest SSL cert offered by Verisign costs £259 sterling per year before tax, or $599 USD (for servers outside America).

    Godaddy, and various other vendors, offer what looks like the same spec for $10 per year - and give permission to install it on multiple servers.

    What is the difference beyond the branding to justuify the price? I'm guessing that Godaddy and the like offer the same certs to multiple customers and Verisign don't - therefore Verisign certs are more secure?


Comments

  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    The cheapest SSL cert offered by Verisign costs £259 sterling per year before tax, or $599 USD (for servers outside America).

    Godaddy, and various other vendors, offer what looks like the same spec for $10 per year - and give permission to install it on multiple servers.

    What is the difference beyond the branding to justuify the price? I'm guessing that Godaddy and the like offer the same certs to multiple customers and Verisign don't - therefore Verisign certs are more secure?


    Some platforms don't have certain vendor's certs. e.g. early android releases didn't support all vendors, so you may have security/permission problems and/or warnings with some application.


  • Registered Users, Registered Users 2 Posts: 4,676 ✭✭✭Gavin


    I'd imagine you are paying for the authentication behind a Verisign certificate which is probably a bit more stringent that a $10 GoDaddy one. That is, the authentication of the person/company receiving the certificate. Just guessing


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,567 Mod ✭✭✭✭Capt'n Midnight


    Too many "Me Too" organisations with poor security issuing certs these days :mad:

    Problem is they have diluted the "SSL cert" brand too much.

    Do your research , but remember that most commercial organisations don't report bad news.


    http://www.theregister.co.uk/2011/09/12/globalsign_security_breach/
    With its admission, GlobalSign's breach becomes at least the seventh time an entity that issues SSL certificates has been hacked this year. Four resellers of Comodo have been compromised, including one that allowed the attackers to mint fraudulent credentials for GMail and six other sensitive addresses. A similar attack hit Israel-based StartSSL, but the attackers didn't succeed in securing the bogus certificates.


    http://www.theregister.co.uk/2011/09/07/globalsign_suspends_ssl_cert_biz/
    Forged certificates created the mechanism to pose as the targeted websites as part of either man-in-the-middle or phishing attacks. Forged Google.com SSL credentials were used to spy on 300,000 Iranian internet users, according to authentication lookup logs on DigiNotar's systems, and separate evidence from Trend Micro.


  • Closed Accounts Posts: 1,188 ✭✭✭UDP


    Op, you are paying for the name of the company issuing the cert - they also offer a warranty but that is pointless. Verisign do more checks than most other cheaper companies too from what I see so I'm sure that's part of the cost. Check out instant ssl certs by comodo as an in between level cost wise which should be supported by the same browsers as verisgns.


  • Registered Users, Registered Users 2 Posts: 1,726 ✭✭✭gerryk


    UDP wrote: »
    Op, you are paying for the name of the company issuing the cert - they also offer a warranty but that is pointless. Verisign do more checks than most other cheaper companies too from what I see so I'm sure that's part of the cost. Check out instant ssl certs by comodo as an in between level cost wise which should be supported by the same browsers as verisgns.

    Why would that matter? The root CA certs are in the browser, and they all have equal meaning there, so how can teh higher price be justified?

    It's not like people check the CA that signs every cert to see if they're more or less trustworthy?


  • Advertisement
Advertisement