1 |
On Fri, Mar 27, 2015 at 3:15 PM, Diego Elio Pettenò |
2 |
<flameeyes@×××××××××.eu> wrote: |
3 |
> On 27 March 2015 at 19:14, Rich Freeman <rich0@g.o> wrote: |
4 |
>> |
5 |
>> StartSSL in fact refuses to revoke certificates even when people |
6 |
>> publish their private keys publicly. If you buy a previously-used |
7 |
>> domain you might want to make sure that there isn't a StartSSL |
8 |
>> certificate floating around for it which is still valid... |
9 |
> |
10 |
> Uh? They don't do it for free, but they do revoke certificate if you pay for it. |
11 |
> xine-project.org has a revoked cert from last year due to heartbleed. |
12 |
|
13 |
That was basically my point. There aren't any free options which are |
14 |
secure (that I'm aware of). There are options which cost money which |
15 |
are secure, including StartSSL. It just annoys me when people trot |
16 |
them out as an example of why SSL certificate costs aren't a problem. |
17 |
You can debate whether not having secure free options matters or not, |
18 |
but you can't argue that StartSSL is a secure free option. |
19 |
|
20 |
-- |
21 |
Rich |