Comments on: Microsoft adds free root certificate authority to Windows

By: ColtonCat

ColtonCat — Sun, 21 Mar 2010 17:35:56 +0000

@Edison: You really should talk to Eddy about your experiences. I found him incredibly helpful – you are right the startSSL website is a bit clunky, but heck, have you tried Verisign/Thawte’s site (which has just had an overhall) they (Thawte) were still using the original interface that Mark Shuttleworth wrote back in the days before selling to Verisign.

Point I am making is you now have a viable lower cost alternative that is a REAL certificate. It really irritates me when people add the sort of comments and inferences that you just have when in reality there are thousands of people who navigate startSSL’s site just fine (as you can tell from the comments on this post). I think your inability to do so is related to a skill problem on your side coupled wiht an inability to ask for help. It is really just your loss (the fee you will be paying to the other ones) and your choice to do so to compensate for your inability to work with the startSSL site.

Thanks for sharing tho.

By: Get your free SSL Certificates now… certified by Microsoft | Smarter Geek

Thu, 21 Jan 2010 02:58:44 +0000

[...] Microsoft adds free root certificate authority to Windows – istartedsomething Tags: Security, [...]

By: Getting Started with Encryption » Along the Way…

Getting Started with Encryption » Along the Way… — Wed, 13 Jan 2010 16:26:38 +0000

[...] Long Zheng: Microsoft adds free root certificate authority to Windows (istartedsomething.com) [...]

By: edison battery

edison battery — Fri, 08 Jan 2010 02:00:22 +0000

startssl website is just not user-friendly, I must have signed up over 6 times. each time, I did something else it didnt like. many time ‘Page could not be displayed’ and just when I think Im about to get my certificate, i get an email saying it has been revoked. I Will not try anymore, after all the wasted time. startssl may be ready, but their delivery method is not ready for prime time. I am removing them from my trusted certs, the whole process was ‘mickey mouse’ GET A REAL CERT. PEOPLE, or get some Tylenol.

By: Eddy Nigg

Eddy Nigg — Tue, 08 Dec 2009 10:46:01 +0000

Why include a link to http://www.ssl247.com/ which has nothing to do with Free certificates, Jamie? Is this intentional?

By: Jamie Gellar

Jamie Gellar — Tue, 08 Dec 2009 10:03:40 +0000

For the predominant number of start-ups, like myself and smaller organisations and sites, the fees charged by the likes of Thawte and Verisign (although trusted and consumer recognised) are out of the financial reach for the many similar sized organisations. So Free SSL Certificates are really taking off in an open source battle. I know Startcom for example has had a lot of support from Microsoft recently, with the IE browser closing the gap on the support of SSL certification already at hand from rival browsers such as Firefox, Safari, Chrome etc.

By: solnyshok

solnyshok — Sat, 24 Oct 2009 07:38:59 +0000

hey-ho! thanks a lot for this information. Now I have own free SSL certificate that works with Windows well. Suddenly webdav, https, and vpn began to work.

By: Eddy Nigg

Eddy Nigg — Thu, 22 Oct 2009 08:25:19 +0000

Hey Doctor, lets Go…

Client certificate authentication is no flaw, StartCom decided that this is the only means for protecting subscriber accounts sufficiently, their information and possible validations. Just imagine somebody would gain access to your account and request a few certificates of the domains you already validated…or even worse impersonate you.

However it is correct that client certificate must be treated with care, it’s a responsibility placed onto our subscribers. It’s your responsibility to create an adequate backup of your certificate – you can take it with your, move it around, import into other browsers and systems, remove them when you are done. Obviously there are smart cards and reader-less USB tokens which are extremely helpful for this task, but a simple disk-on-key will do as well. See this item on how to backup your keys from the browser: https://www.startssl.com/?app=25#4

By: Dr. Go

Dr. Go — Thu, 22 Oct 2009 03:39:34 +0000

Eddy Nigg. Ok first of all I think the fact that startcom is providing free root trusted certs is a very good thing and will help many of us developers. And I certainally will be willing to pay to get to an L3 validation so I can get a wildcard EV cert. However there is a flaw in your authentication meathod. If a client cert is issued at the time of the express checkout account creation this is all well and good. However if someone gets a new computer or has to reformat their machine. Guess what no more client cert. Does this mean they won’t be able to access their account anymore to get additional certs or to pay startcom to get upgraded? Wouldn’t this represent a revenue loss for startcom. I’m working on a project now that is entirely serverside. I am using many proprietary meathods for authentication without having to rely on any client code or certs.

By: Free SSL Certificates

Free SSL Certificates — Tue, 20 Oct 2009 05:55:17 +0000

[...] In case you haven’t noticed, this site now supports HTTPS. That’s because StartCom is now offering free Class 1 SSL Certificates. While not as well-verified as a Class 2 or Class 3 cert, this provides decent encryption for server-client traffic. Best of all, StartCom is now a trusted Root CA under the Windows Root Certificate Program. [...]