Post# 1573838232

15-Nov-2019 11:17 pm


We all "ssh" into our remote server's console with our own generated ssl certificates and still feel secure.

But there wasn't any business in self generated certificates. So browser vendors started to reject those certificates claiming those weren't "secure enough", in reality because browser builders were getting paid by certificate vendors.

At its peak came EV SSL certificate, which you must buy if you want to do business and costs thousands of dollars per year.

All these businesses collapsed as soon as free software foundation released their free SSL certificate. Now who pays for any certificate, let alone an EV certificate?

I was wondering if any of the sites still use EV? Visited Amazon, visited Paypal -- either none of them uses EV anymore or even if they do, the browser doesn't show the EV certificate any prominently then my letsencrypt free certificate.

Looks like the certificate extortion business has come its end.

15-Nov-2019 11:17 pm

Published
15-Nov-2019