These guys are a joke. A lot of things they claim (organisation verification?) they lack… And their servers TLS configuration is baaadddd…
Credit where due, though: at least they seem to recognize that HTTPS is needed on all websites
So much ignorant FUD…
Only the domain name is verified (and not the organisation),
Yes, that’s true. It’s also true of Google’s certs, and Amazon’s. Some people want the EV certs, but some of the biggest businesses on the Internet do just fine without them.
They focus solely on HTTP traffic (with no provision for e-mail or file transfers),
Nonsense. LE provides a standard TLS cert that can be used in any application that supports them.
They provide no guarantee in the case of abuse occurring,
What guarantee should they provide?
They don’t give an additional trust seal like a premium SSL certificate,
No, they don’t, and neither should any other CA.
Renewal is required every three months
…and if it’s set up properly, renewal will happen automatically, so that the site owner doesn’t have to pay any attention to it.
I’m sure I’m preaching to the choir, but the FUD does get irritating. Wonder why they pulled the post from their blog.
Thanks for the link. The last part really is the bottom line, as far as I’m concerned: has anyone ever successfully claimed against one of these guarantees? I really doubt it. And if that’s the case, what is the value of the guarantee? Especially to me, the site owner?
Actually, I think I know the answer to that last question, and it’s the same as for the site seal (which usually accompanies the “guarantee”)–it gives warm fuzzies to ignorant users/customers. They see the seal, they believe it means much more than it actually does, so they engage in transactions they never would otherwise.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.