Comments on: SSL verification still often disabled http://daniel.haxx.se/blog/2012/10/04/ssl-verification-still-often-disabled/ Technology is life Wed, 27 Mar 2013 09:45:34 +0100 http://wordpress.org/?v=2.8.3 hourly 1 By: Bruno http://daniel.haxx.se/blog/2012/10/04/ssl-verification-still-often-disabled/comment-page-1/#comment-12332 Bruno Thu, 04 Oct 2012 19:03:28 +0000 http://daniel.haxx.se/blog/?p=3553#comment-12332 One of the obstacles for using SSL verification, is that it is (was) often costly to get your certificate signed by a CA that is trusted by the majority of browsers; I believe some services used self-signed certificates simply because they were free. The situation is improving though: I know that at least at startssl.com, you can get a basic certificate (that is trusted by major browsers) for free. Cacert.org is a good example of how the community can organize a CA; unfortunately, it is not included by default (except perhaps in Debian?). One of the obstacles for using SSL verification, is that it is (was) often costly to get your certificate signed by a CA that is trusted by the majority of browsers; I believe some services used self-signed certificates simply because they were free.

The situation is improving though: I know that at least at startssl.com, you can get a basic certificate (that is trusted by major browsers) for free. Cacert.org is a good example of how the community can organize a CA; unfortunately, it is not included by default (except perhaps in Debian?).

]]>