<div dir="ltr">The higher end certificates come with more insurance. Usually the terms of the insurance are such that cashing it in is impossible, but that's another issue.<div><br></div><div>It's marketing. The higher priced places are not selling to you, they're selling to people that want to buy the perception of security through a) a higher cost and b) selling a name.</div>
<div><br></div><div>I've worked at multiple companies where buy the top tier certs because the higher ups want the site seal from a recognized place. One employer has a portal where the tech staff orders SSL certs, they don't get to see the prices and the only two options are wildcard and EV. Yes, EV certs for staging environments, too. And that portal only works on Internet Explorer :(</div>
<div><br></div><div>That said, since many articles have been written showing the results of an A/B test almost universally point to site seals and lock icons increasing sales, it's not a stretch to think that name recognition of the seals may also have an effect. So paying $1,000 for an SSL certificate that actually increases sales may be worth it in some cases.</div>
<div><br></div><div>Sean</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Jun 13, 2014 at 12:24 AM, Trevor Cordes <span dir="ltr"><<a href="mailto:trevor@tecnopolis.ca" target="_blank">trevor@tecnopolis.ca</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">On 2014-06-12 Paul Sierks wrote:<br>
> Last meeting we spoke about SSL for a brief few minutes as a result<br>
> of the self signed one we saw. Just thought I'd share with the group<br>
> where that $25 / 5 year is.<br>
><br>
> <a href="https://www.ssls.com/comodo-ssl-certificates/positivessl.html" target="_blank">https://www.ssls.com/comodo-ssl-certificates/positivessl.html</a><br>
<br>
</div>That's dirt cheap. Have you bought one? Can you vouch that they are<br>
root CA'd in every major browser / platform? That's always the big<br>
problem when I see non-big-guy CA's. If only half (or less!) of the<br>
browsers have their root CA then might as well just self-sign.<br>
<br>
I'm a reseller for Tucows/OpenSRS for certs and am always shocked how<br>
expensive the big-name certs cost... COST! Not even talking about what<br>
I'd have to charge to make even a small profit. Surely either a) the<br>
big guys give you something the unknowns do not, or b) big-guy's cert<br>
prices must inevitably fall to remain competitive, or c) the big-guys<br>
don't care or think most people will never find cheaper certs.<br>
<div class="HOEnZb"><div class="h5">_______________________________________________<br>
Roundtable mailing list<br>
<a href="mailto:Roundtable@muug.mb.ca">Roundtable@muug.mb.ca</a><br>
<a href="http://www.muug.mb.ca/mailman/listinfo/roundtable" target="_blank">http://www.muug.mb.ca/mailman/listinfo/roundtable</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br>Sean Walberg <<a href="mailto:sean@ertw.com" target="_blank">sean@ertw.com</a>> <a href="http://ertw.com/" target="_blank">http://ertw.com/</a>
</div>