←back to thread

489 points gslin | 5 comments | | HN request time: 1.552s | source
Show context
mrtksn ◴[] No.42191644[source]
Hands down one of the greatest services out there, stopped a racket and made the internet secure.

I remember a time when having an HTTPS connection was for "serious" projects only because the cost of the certificate was much higher than the domain. You go commando and if it sticks then you purchase a certificate for a 100 bucks or something.

replies(5): >>42191676 #>>42192385 #>>42192827 #>>42192905 #>>42193198 #
dachris ◴[] No.42191676[source]
There's still enough people out there who don't know better, manually (or auto-renew) purchasing new a certificate every year from their hosting provider like it's 2013.
replies(7): >>42191711 #>>42191799 #>>42191800 #>>42191829 #>>42191872 #>>42191976 #>>42192618 #
mrtksn ◴[] No.42191711[source]
AFAIK there's things like Extended Validation Certificate Verification that used to make the browser address bar look more trustworthy by making it green but I don't know if its still a thing. At least in Safari, I don't see a green padlock anywhere.
replies(7): >>42191763 #>>42191765 #>>42191791 #>>42191856 #>>42191904 #>>42192021 #>>42192314 #
1. _betty_ ◴[] No.42192021[source]
they were also pretty bad for performance due to the extra lookup (and reduction in caching)
replies(1): >>42192187 #
2. account42 ◴[] No.42192187[source]
What extra lookup. AFAIU they are just like normal certificates but with a "customer paid extra" flag.
replies(2): >>42192216 #>>42192233 #
3. _betty_ ◴[] No.42192216[source]
they normally require a revocation lookup on the spot, and iirc there was differences in if they could or how stapling worked.
replies(1): >>42192599 #
4. _betty_ ◴[] No.42192233[source]
https://simonhearne.com/2020/drop-ev-certs/
5. account42 ◴[] No.42192599{3}[source]
Interesting. Sounds like a cost that is entirely reasonable for use cases like online banking though.