Skip to Content [alt-c]

Comment

In reply to Renewing an SSL Certificate Without Even Logging in to My Server

Reader Gary Mort on 2015-05-05 at 16:18:

Interesting and very neat...of course this completely violates the terms of issuing EV Certificates. EV Certificates assure that a human being actually checks and verifies the information - by automating that process SSLMate instead only "verifies the information by a human being" once - when the certificate is first issued. So SSLMate EV certificates offer a false sense of security to end users.

I'm sorry to sound so critical, honestly it's not you specifically - early every security "professional" falls into this well worn trap - they spend time obsessing over little intricate details but completely ignore the human element of security. It is a well designed sandbox to play with security, but it should not be used in the real world.

Reply

Post a Reply

Your comment will be public. If you would like to contact me privately, please email me. Please keep your comment on-topic, polite, and comprehensible.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with ">" are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim.
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.