Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
C0D4681456yWell you can go back to $200+ certs if you want, $20 for a domain, you need anyway still makes it free ssl.
-
The air is not free because you have to buy food and medicine [to live to enjoy the so called free air].
My argument is as valid as yours -
sauronjs2166yI don't understand how ask isn't free when you're not actually paying anything for obtaining or maintaining *ssl*.
-
@vocuzi man why didn't i think of that
@C0D4 can i have some money
@netikras idk where you live but where i live provides food to homeless people
@PrivateGER still need money for that
@EdoPhoenix i got mine for free, and i'm a kid so it's not like i have to pay for power -
taigrr8796y@geronimo sure... and then the renewal fee the next year and every year after is $12.88.
-
@calmyourtities No, you don't need a single cent. Except for running the server, of course.
-
@PrivateGER oh wait you're right, my account was just banned from a while ago
-
@rEaL-jAy that's completely false. a domain validated cert from anywhere else is no better than let's encrypt.
-
taigrr8796yIt depends on what you think the purpose of ssl is. Let's encrypt is no better or worse for encryption, as the ssl protocol use is actually up to the server host in the first place.
The only real difference is authentication. Let's encrypt does only dns validation, not entity validation. So if you're a bank, you want both. Ever notice there's the name of the bank signed and embedded in the cert? You can see it in the URL bar. That's the part that costs extra. Their cert provider charged to verify not only do they own that domain, but actually the bank that registered that name in the country of origin is the owner of the matching domain name, etc.
Here's the issue. Everyone knows ssl secures your connection. How many people actually know to look for a name in the ssl cert? Furthermore, does it matter? The only thing named certs really prevents* is phishing. Which, 99/100 times is solved just by looking at the URL bar.
Even then, named certs aren't perfect.
(Can prevent)* -
sauronjs2166y@taigrr it is that 1 out of 100, for which ssl is required. so that you can be sure that the url you're looking at and certificate provided by host matches with certificate registered with the provider and no one in the middle is actually serving you a clone.
Related Rants
ssl isn't free if you have to buy a domain
random
let's encrypt