exclusive content published on October 24, 2006

The release of Firefox 2.0 brings a slew of new features to millions of Internet users. One largely unheralded feature is the inclusion of the StartCom SSL certificate in the list of Certificate Authorities (CAs).

The cost of SSL

As detailed in SSL: How to choose a certificate authority, one of the factors that must be considered is the availability of the signing authority certificate in shipping versions of popular web browsers.

The cost of getting a signed certificate from one of the major CAs can run hundreds of dollars per year per host name. StartCom is one of very few CAs that will sign certificates free of charge. When you start adding up the fees for multiple web sites, the cost becomes significant.

Convenience counts

While self signing is also free of charge, users may have difficulties verifying the digital signature. They will also receive a pop up security warning unless they download and install the custom CA cert in their browser. While it does not compromise the encrypted connection in any way, it may raise suspicions with non web-savvy visitors.

With Firefox 2.0, users visiting a site with a StartCom signed certificate will get no warnings. This is of particular importance for retail sites that need SSL for shopping carts and credit card data entry.

Other browsers still in process

According to StartCom, they are actively working to get their CA certificate included in the shipping versions of Internet Explorer, Safari, and Opera. The next version of OS X should include the certificate. If they succeed, it will make SSL affordable to more sites and likely put a severe dent in the commercial SSL certificate business.

This work is licensed under a Creative Commons Attribution-NonCommercial 2.5 License.