I’m curious what the benefits are of paying for SSL certificates vs using a free provider such as letsencrypt.
What exactly are you trusting a cert provider with and what are the security implications? What attack vectors do you open yourself up to when trusting a certificate authority with your websites’ certificates?
In what way could it benefit security and/or privacy to utilize a paid service?
And finally, which paid SSL providers are considered trustworthy?
I know Digicert is a big player, but their prices are insane. Comodo seems like a good affordable option, but is it a trustworthy company?
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters | More Letters |
---|---|
CA | (SSL) Certificate Authority |
CF | CloudFlare |
DNS | Domain Name Service/System |
HTTP | Hypertext Transfer Protocol, the Web |
HTTPS | HTTP over SSL |
IP | Internet Protocol |
SSL | Secure Sockets Layer, for transparent encryption |
TLS | Transport Layer Security, supersedes SSL |
nginx | Popular HTTP server |
9 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.
[Thread #969 for this sub, first seen 12th Sep 2024, 15:05] [FAQ] [Full list] [Contact] [Source code]