[carl_]

Thanks for the response, so really you're just improving a job that the CA should and could do better.

In your position I would fear that my business/model/product could be easily replaced by any other partner/reseller of a CA, or the CA themselves. Unless your intention is to build volume then either be acquired by a CA or become a CA yourself under somebody elses root?

[mikemaccana]

(replying from old openid account due to rate limit)

No probs: I understand the cynicism: the SSL industry is dominated by sales and marketing giants that market snake oil like SGC and seal in search, I wouldn't trust any of them either.

There's not a lot of people who get UX and get crypto: I've got my name in RHEL and I've also built consumer facing web apps for Google and Microsoft. That's 17 years of pretty unique experience, and we launch new features every couple of weeks. If a CA tries to follow - and they will - bring it, we'll smoke them.

Your final point is accurate.

[carl_]

Hah yeah cynical is fair.

It's easy for me to forget especially when commenting here (HN) that not everybody knows what they are doing and I often undervalue services which bridge a knowledge gap when I have that knowledge.

Thinking again, yes I can see the "doing one/few things very well" working during what is going to be a major shift in the market, especially with the intended end goal.

> I've already ordered - who can I talk to about getting my company validated?

I'd propose the answer to that FAQ needs some sort of improvement, to appear less standoffish.

[nailer]

Thanks for the tip. The FAQ entry certainly wasn't meant to be standoffish, but I've edited it - what do you think?