New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
the warranty can be claimed if and when someone cracks the encryption. If the public private key pair get stolen, it is the domain owner's fault not the certificate authority.
Has anyone in the entire history of mankind ever claimed the insurance sum for an SSL certificate? As far as i know that hsa never happened
not that i know of its pure bs. I agree with @skagerrak at how the entire infrastructure is flawed but thats how things are .. charging hundreds and thousands of dollars for these certificates is lunacy....
& btw the 'extended validation' portion of comodo ssl now happens in INDIA
Not that i've heard of. The problem might be that the warranty has to be claimed by the site-user (eg. the visitor). Those are most likely private persons. They would be forced to pay a lawyer and provide proof of: the interception, the mis-issued cert or any other damage that was caused because of the cert itself. That might be quite hard for the average person. Besided that they need to be aware of the warranty at all.
Those companies have most likely insurance contracts for that matter. If you're interested you should read the ToS of Symantec on the warranty (the only ones i've ever consulted so far). It is quite an interesting amount of complicated wording on a specific level that they most likely can evade the payment quite easily.
In practical terms, warranty is more about protection against the certificate issuer handing out a certificate to a fraudulent person, i.e. someone who pretends to be someone who he isn't.
In case of the domain-validated certificate, the warranty could be claimed if the certificate was issued for a specific domain to someone who doesn't own the domain, and if that someone was subsequently doing bad things with it (man-in-the-middle-attack for example would work wonderfully with that). Because domain-validation isn't a strong proof of identity (it'd be enough to intercept the domain holder's email), the issuer would naturally keep the level of warranty low.
With EV certificates on the other hand the identity validation is much more involved; chances for a fraudulent person to fake his identity and yet receive such a certificate are much lower - hence the higher trust modern level browsers give such certificates. And hence why the warranty is much higher as well... the issuers should have a pretty good idea with the information they require whether the person is who he claims he is.
So - if a site visitor buys something with his credit card on a webstore protected with an EV certificate, and if that webstore turns out to be a phishing site or something else bad (using a fake identity), then he could theoretically claim for damages at the issuers who handed out the certificate and who didn't do the proper job of validating the ID.
And that is not a special price, but all year round.
All these huge CA's get huge amounts of money from huge companies. But really 90% of it's pure profit (some money goes to audits and insurance). I dream of a Internet where people don't need to pay $100's for basically just trust. No one should be able to buy that.
That is why I like startssl. They are small and not fully trusted (missing some Linux distros) but their ideals are rock solid. They believe SSL security should be attainable by everyone.
I am really hoping that CAcert can get recognition of a of authority. Completely FREE SSL certificates based on the trust of individuals rather than corporate CA's.
After reading through 2 pages...could someone please explain to me: did OP actually run a scam/spam site as @CentrioHost has suggested and hence got his certs revoked?
If not, how did OP gets his certs revoked? Why did @CentrioHost not revoking everyone's 2 USD certs but just OP's?
I am not on any side, just feel we need to know the full picture as well.
I most definitely didn't run any scam or spam sites. I'm not sure why it got revoked tbh but frankly, I don't care now as I have gotten new certificates from elsewhere.
Word of warning to everybody else, don't assume that @CentrioHost will honour the $2 renewal agreement. They most likely won't.
Could it be your site was hacked? It happened to me before as well, one of my Wordpress plugins were not up to date and some hacker got a hold on my server and ran some random scripts in it (which I assume weren't doing anything good). Luckily I had no SSL on that site and my VPS provider worked iwith me on that.
According to my Globalsign rep, who I've been badgering to give us this pricing scheme too, Centrio Host has been let go as a Globalsign partner "because of this pricing structure and their disruptiveness in the pricing market for the certs. This is for an overflow apparently of left over certs."
So take that for what it's worth.
ah! I have 5 certificates from him which I had not even begun using! The important question is whether there will be a renewal ?
Will globalsign let the current certificate holders renew at the same price ? they freaking should seeing the mess they made, all this by a market which sells 'security' , security my a**.
Wow...so GlobalSign kicked them off because they are selling certs for cheap and disrupted their hugely overpriced business? That's disappointing...
I don't know if they've been completely kicked off per se, but they won't be selling any new ones at that price. I didn't probe further; my goal was to get better pricing for our own offerings, not figure out what's going on with Centriohost.
& did you manage to get a good offer ?
These guys are clearly morons in terms of PR
The response I got from globalsign when i contacted them.
>
>
>
>
>
>
So Globalsign is a letdown, no shit.. So basicly everyone who ordered from @Centriohost is truely screwed... As i figure that no one will get that promissed renewal price..
Still interested on how @CentrioHost thinks about this, will they honor the promise or not.. This is no longer about okiedokie, but allot of us have order an cert at centrio (im guessing here)
So @Centriohost, i figure you disabled notifications for this thread. But will you honor the promise you made here when you sold those certs, (and no im not going to bitch about .50 cents) so either 2 or 2,5$ for renewal?
*EDIT: Nevermind he seems to been banned... so no awnsers from him
I emailed him yesterday asking if he would honor his renewal price but there has been no reply so far.
Can he get temp unban so the community that uses his service gets an answer? Then maybe afterwards if its necesaary, ban him again?
I wouldn't say people who can't renew are screwed. The offer was too good. If you got a year wildcard at that price cool deal, you knew it was risky. Ipxcore seems to have a pretty good deal. Interested in that start ssl yearly deal too.
Wow, finally. I'm quite surprised he didn't get banned for this long while after seeing the kind of comments he made here. However, it was quite entertaining seeing his comments. Don't mean to offend the people who those comments were made on.
Isn't it his usual answer to the community to call his clients cunts and assholes? I don't really see why we need to unban him just so he can call people cunts and assholes.
People are more concerned with their 2 bucks than being called @**oles
Msg From @centriohost
>
>
>
I LOVE this line...LOL
That might be true, but some people here probably wants to know what would happen with their money/ssl cert/whatever.
Perhaps this is the all-so-mysterious "primary site"? :
http://havehost.com/company-profile.html
Compare:
http://www.centriohost.com/about
Edit: Or this one perhaps?:
http://i7hosting.com/contact.html
Or perhaps there isn't one, and it's a load of BULLSHIT.
discussion between me and globalsign lead to an interesting yet disturbing discovery
>
So resellers have the right to revoke certificates ? when did they become certificate authorities !