Site Archives ssl

Strictly Opera


Long after the major software vendors which produce browsers and mail clients already supported the StartCom root certificate by default, users of the Opera browser couldn’t enjoy the benefits of free and cheap SSL certificates easily. And I myself had to postpone an article I intended to write about Opera for more than two years […]

Beat the Drum: Open Web needs to be Secure!


Mozilla is beating the drum for an Open Web at their new project page “Drumbeat“. Mitchell Baker, the Chair of the Mozilla Foundation has been regularly blogging about a more Open Web and what it might mean for us. There is lots of talk about openness, decentralization, freedom and public resources of the public Internet, […]

Refute the FUD


In my capacity it’s my job to counter a few baseless claims which some use in order to try to spread Fear, Uncertainty and Doubt (FUD) regarding the digital certificates which StartCom issues for free without charge. This is a response to Sebastián Bortnik, David Harley and Dan Raywood regarding their articles I found recently […]

SSL Flaw by (Browser) Design?


A while ago, the two security “white hats” Alexander Sotirov and Mike Zusman announced that they are going to publish a tool for exploiting EV SSL secured sites at the Black Hat Security Conference at the end of this month. Some sites reported the alleged attack on EV SSL secured sites as a means to […]

Securing a Revolution


It’s my own and StartCom’s company policy to refrain from voicing personal opinions regarding political matters. Otherwise however StartCom takes a clear stance when proclaiming:
We believe in the right to protect and secure information between two entities without discrimination of race, origin and financial capabilities.

The Geek Factor


I don’t need any stinkin’ CA issued certificates for my web sites, for this I do -  openssl 123 …
So goes the usual rant by geeks, hackers and open source enthusiasts against the certification authorities and their accomplices Internet Explorer, Firefox and Co.. Why is that and did anything change?

The Race Is On - You Won


The competition in the digital certification business is preparing for StartCom’s entry with its super-cheap EV SSL offerings. Proclaims a director of a well known certification authority:
“EV SSL certificates are no longer an expensive premium for Web security; they are a necessary tool to help thwart phishing, man-in-the-middle and other malicious fraud attacks”

CA/Browser Forum


Since this weekend the StartCom Certification Authority is officially a member of the CA/Browser Forum. This forum is a closed group of commercial certification authorities and software vendors - in particular browser vendors - which was founded sometime in 2006. At a previous occasion the StartCom CA was denied participation, but having now met their […]

Positive Indicators


Phishing attacks seldom use SSL certificates for their fake sites resembling Paypal, eBay or whatever, because they look as good without it. So far this apparently just worked fine because a somewhat careless user simply doesn’t pay attention to the microscopic indicators the browsers used to give us in the past. Well, that’s perhaps an […]

Securing Websites Economically


With a world-wide recession looming around the corner, budget conscious web site operators will look for ways to save resources wherever they can. Securing and serving multiple web sites from the same server always required a digital certificate and dedicated IP address [1]  for every site and domain. Needless to say this can add to […]