On 04/26/2014 10:53 PM, Daniel Micay wrote:
If the free certificates were not creating revenue by luring people
into the paid offerings, I doubt they would be offered. There's no
need to feel pity for a working business model.
You probably aren't around long enough to remember or know about how the
StartCom CA was started. Of course to be a serious and realistic
certificate provider that has taken down the costs of SSL certificates
in general and in order provide an alternative to the existing model, a
different business model had to be implemented that makes the operation
sustainable.
Of course those that enroll for higher validations actually pay partly
the issuance costs of the non-validated (Class 1, Free) certificates,
however those costs are fairly low considering they share the same
infrastructure and personnel.
Bottom line is, that though StartCom needs the higher validations in
order to sustain the operations, it's the result of the former and the
free certificates are not the result of the latter (initially StartCom
had only domain control validated and free certificates).
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: start...@startcom.org <xmpp:start...@startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
