On 30 March 2014 17:26, Marc Haber <mh+debian-de...@zugschlus.de> wrote:
> I find this somewhat a fair deal. If you make money from your web > site, you should pay for the certificate. > > Where do you draw the line? Does a commercial company hosting a website, say for documentation for a commercial product count at a per profit website? Also, startcom seems to be offline a lot lately, as I previously mentioned before. A bit poor if you have to pay for such bad service. The actual wording, from http://www.startssl.com/policy.pdf is: "3.1.2.1 "Class 1 Certificates provide modest assurances that the email originated from a sender with the specified email address or that the domain address belongs to the respective server address. These certificates provide no proof of the identity of the subscriber or of the organization. "Class 1 certificates are limited to client and server certificates, whereas the later is restricted in its usage for non-commercial purpose only. Subscribers MUST upgrade to Class 2 or higher level for any domain and site of commercial nature, when using high-profile brands and names or if involved in obtaining or relaying sensitive information such as health records, financial details, personal information etc." What does "commercial in nature mean"? If I run a website as a hobby, and have Google ads on it, does it count as a website of commercial nature? Does this mean if I setup a website giving helpful hints for Microsoft Windows (a high profile brand), I cannot use a class 1 certificate? Not exactly like I would expect to get any money from it. They haven't really defined what they mean, and I think that is a big problem. On the other hand, getting back on topic, cacert.org offers you certificates free, and for any purpose, which is why it is much better then any of the other free alternatives (I only know one free alternative). I don't understand what is going on behind the scenes, however from my perspective (which may or may not be correct) it appears that every time cacert.org is about to get somewhere with getting their CA included with my browsers, they keep getting more and more road blocks put in their way. Road blocks that other, more established commercial CA's don't have to worry about. As such, any statements that say cacert.org is not needed because we have startcom, are incorrect. -- Brian May <br...@microcomaustralia.com.au>
