
Then continue using HTTP/1.1.

SSL needs to verify the site's identity to be effective, period. For a certain level of trust (EV certs, for example) that requires humans doing work, at least for now. Humans cost money. StartSSL's free certs work perfectly well for non-EV requirements, which basically amount to a verification level of "someone who can read email on this domain has requested a cert for it" - which can be, and is, completely automated and therefore available for free.




That reply is wrong on so many levels.

First of all, everyone wants the benefits of HTTP/2.0, obviously. Else I'd be using gopher, thank you very much.

Then, StartSSL is a company that happens to give free certs. For one single sub-domain. Got two subdomains? Gotta pay. They can also decide to make those non-free at any given moment, if they feel like it.

The only part I agree with is paying for EV certificates. But you should NOT need to pay and you should NOT need a third party to be responsible for YOUR certificates if you do not want to.

And again, there are quite a few distributed trust models around that work well and do exactly that, but get great pushback from vendors, since, by nature, they don't bring as much money back.



