[carl_]

letsencrypt.org will demolish the DV market and there's already minimal profit without extreme volumes, so lets be honest about this.

> Our CA, DigiCert, does the final checks before issuing your certificate, so you should speak to them directly.

What exactly are you offering here other than reselling DigiCert?

[nailer]

> What exactly are you offering here other than reselling DigiCert?

1. We check your company registration, status, and DNS/whois and CSR while you apply - and before you pay.

2. Better CSR creation. There is no software to install, and no command line Q and A or clicking. You just paste a command onto your server, in either bash or pwoershell, then paste back the results.

3. We're massively faster than standard CAs. CertSimple deliver EV certificates in an average of 5 hours. The standard time for an EV cert is 7-10 days.

And a bunch more. See https://certsimple.com/about

[carl_]

Thanks for the response, so really you're just improving a job that the CA should and could do better.

In your position I would fear that my business/model/product could be easily replaced by any other partner/reseller of a CA, or the CA themselves. Unless your intention is to build volume then either be acquired by a CA or become a CA yourself under somebody elses root?

[mikemaccana]

(replying from old openid account due to rate limit)

No probs: I understand the cynicism: the SSL industry is dominated by sales and marketing giants that market snake oil like SGC and seal in search, I wouldn't trust any of them either.

There's not a lot of people who get UX and get crypto: I've got my name in RHEL and I've also built consumer facing web apps for Google and Microsoft. That's 17 years of pretty unique experience, and we launch new features every couple of weeks. If a CA tries to follow - and they will - bring it, we'll smoke them.

Your final point is accurate.

[carl_]

Hah yeah cynical is fair.

It's easy for me to forget especially when commenting here (HN) that not everybody knows what they are doing and I often undervalue services which bridge a knowledge gap when I have that knowledge.

Thinking again, yes I can see the "doing one/few things very well" working during what is going to be a major shift in the market, especially with the intended end goal.

> I've already ordered - who can I talk to about getting my company validated?

I'd propose the answer to that FAQ needs some sort of improvement, to appear less standoffish.

[nailer]

Thanks for the tip. The FAQ entry certainly wasn't meant to be standoffish, but I've edited it - what do you think?

[micro-ram]

I always hoped CAcert.org would have gotten us there sooner, but that never happened. Agreed letsencrypt.org will radically change the cert market. I have already stopped renewing some personal certs and am using CloudFlare free SSL with a self-signed cert on the origin.

[dwild]

Does cloudflare check that your self-signed cert has the right signature? MITM would still be possible if it doesn't.

[brightball]

Thanks for that. I'll be keeping an eye on that one.