login. • Much harder to “snoop” on secure traffic. • Google gives a bit of consideration to a site’s use of SSL, and will likely increase its importance. • New technologies largely negate performance concerns.
Verifies some information to ensure a level of trust • Relies on browsers trusting CAs • Examples include: Comodo, Verisign, GoDaddy, StartSSL, and Let’s Encrypt
provided by the CA • The CSR produces, or uses an existing, private key • The key is never shared, and should never leave the server it’s used on (generally)
(3) months • Simple command-line tools to issue certificates • Many services are adding free SSL support using this CA • Doesn’t support wildcard domains • Only allows domain validation
incorporating advanced features • Free certificates are valid for one (1) year • Paid certificates are valid for two (2) years • Wildcard domains are allowed with paid options • Paid certificates support organization and extended validation