by jburwell 4359 days ago
Heartbleed had nothing to do with certs themselves, but instead with how OpenSSL implemented an aspect of connection negotiation. Hence, the issue was isolated to OpenSSL, not other SSL implementations or the SSL/TLS standards themselves.

In terms of "credibility", the issue comes down to how many browsers include their root cert by default. As far as I know, IE, Firefox, and Chrome include it, meaning that it will be trusted by default.

The way they make money is selling other types of services such as wildcard and "green bar" certs. I think the folks running it want to see a wider use of SSL, and see providing free host-based certs as a good way to accomplish that goal. Bear in mind, there is zero cost to signing a cert ...