SSL differences ??????

[findtim]

what really is the difference between a comodo $8 SSL and a verisign $335 SSL ?
the answer is probably here : Cheap SSL certificates - get your SSL certificate within 5 mins here under the promo area but does a customer REALLY care ? or know the difference ? as long as they see a "https" and something that looks like its secure.

i've had test sites that have actually had orders placed on them even though i put up graphics that says "do not put credit card details int this site... opening in March... "

so why pay $335 instead of $8 ?

tim

 

[FirstPageResults]

The answer is basically trust..

I don't think cheap certs are manually reviewed to check legitimacy of companies, so you are paying for the time it takes to review and the pretty seal on your website.

 

[snoopy]

Verisign is somewhat known I think.

The green bar on some of the more expensive certificates probably add some small degree of confidence also. Wouldn't pay over $10 though unless it was a multi million dollar operation, I think the number of people who would say "I don't trust this comodo certificate stuff" is very slim. Most people don't care or look at all, a small % would look for a lock I think, and some teeny tiny % are concerned about the issuer etc.

 

[findtim]

thanks for the advice, i've talked to a few members in dev and they all seem to be heading towards SSL on ANY site they do no matter how small, i've only ever thought of it for ecom but one of my clients sites got hacked a few weeks ago and i am still picking up the pieces ( we had him backup in a few hours) but little stuff and a complete waste of my time.

i'm seriously considering insisting on SSL for all new clients, even if they just want a simple 5 page non ecom

is that going to far?

tim

 

[FirstPageResults]

Yes, seems over the top to me and an unnecessary cost.

SSL won't stop your site from getting hacked.. unless the cause was your client logging in via public wifi and the details were sniffed

 

[findtim]

Yes, seems over the top to me and an unnecessary cost.

SSL won't stop your site from getting hacked.. unless the cause was your client logging in via public wifi and the details were sniffed

hmmm, that could be the case as he is a "cafe" updater on his blog via his andriod which i think gets more cuddles then his wife !

thanks

tim

 

[FirstPageResults]

If that was the case then you could just make the admin run over SSL rather than the whole site as SSL is slower to load than standard HTTP

 

[nina]

The pricing in domains varies in few instances.
1 - you can have a low risk domain ssl for when you're integrating with facebook where pages are embedded from your site and you need ssl for it to display. We have that on a few sites.
2 - there is ssl for lower volume, low risk transactions, normally smaller ecommerce sites
3 - there is the element of assurance risk which brings up the cost of the ssl
4 -the green ev ssl is about trust and assurance shown in the address bar and has the highest level of assurance and takes several days to weeks because you have to provide information such as asic details, director details, more authentication and it's manually done.

I don't know why anyone would run their site in ssl if it 's not needed in these listed situations.
We buy a mix of different prices ssl's depending on client needs to make sure they're getting what they need, not what the price is about.

Most ssl certs, even the cheaper ones require 2048 encryption.
Sometimes the more expensive ones have better cross browser compatibility but we no longer support IE6 because we believe that if security is going to be an issue, IE6 is not secure enough due to non support for several years now, but that is another story.
So in my opinion, for what it's worth, using ssl on a standard 5 page site, is expensive and unwarranted on the basis you may need to have purchased either an IP address to run it on, or a wildcard address, which can be via domain or maybe even IP I don't know about that one.

SSL - it's sort of like a mix and match depending upon requirements.
I know this is an old post - I've not been here for a while not because I don't want to but the worlds have not been aligned perfectly to give me time to indulge in the things I love doing.

hope this sheds more light.
Nina