For those of you that have been following the InstantSSL and GeoTrust debate a few threads back will find this interesting.

Looks like Comodo (InstanSSL) is really on the move now. I got this in my mailbox this morning.


As you know it is our mission to provide you with the best certificates at the best prices. Part of our strategy sees us partnering with best of breed CAs in order to deliver the InstantSSL product family to customers and resellers. Such strategic partnerships help keep our costs low, and in return we pass those savings onto you and ensure we retain our position as cost leader in the market.

It is therefore with our great pleasure that we announce that as of August 28 2002 we will be partnering with Baltimore Technologies, resulting in InstantSSL having a industry leading 99% browser ubiquity:


InstantSSL is as trusted as Verisign & Thawte (who both have 99% coverage)

InstantSSL is considerably MORE trusted than GeoTrust (who only have 95% coverage)



InstantSSL is now inherently trusted by Internet Explorer 5.00 and above and Netscape 4x and above. This means that anyone with base installs of the following operating systems will now trust InstantSSL Certificates by default - without the need to upgrade their browsers:


Windows 98SE
Windows 2000
Windows ME
Windows XP


For more details on how this new compatibility compares with other CAs please visit www.whichssl.com (http://www.whichssl.com).

As this browser ubiquity represents by far the majority of the consumer market, InstantSSL Certificates are better than ever!



Also of note is the fact that yesterday freessl reported Baltimore was great ...

Today ... not so

geotrust seems to change the facts according to Comodo's press releases!!!

Here are before and after screen grabs of the freessl site:

Before (http://www.ssl4less.com/for.gif) when they were saying that Baltimore Technologies was a good thing:

And this is the screen grab as of this morning
after (http://www.ssl4less.com/notfor.gif) the press release came out about the new partnership that put geotrust in the back seat with browser recognition.

I think this may be of help to the people that are needing ubiquitous SSL certificates at an affordable price to protect their domains with.

InstantSSL is now inherently trusted by Internet Explorer 5.00 and above and Netscape 4x and above.


Thawte and Verisign are compatabile with IE 4.X and both claim 99% compatability. I'm not sure how InstantSSL can claim the same when their cert doesn't support IE 4.X browsers according to this release. :eek:

I guess when you are talking about 40bit certificates you are right.

We are talking about the real deal 128bit certs.

http://www.thawte.com/html/RETAIL/ssl/techdetails.html

States that the 4.x browsers are only good for 40bit certs.

Here is some nice ecryption methods compared if you are interested:

http://security.tao.ca/crypt.shtml

Anybody has good experiences reselling InstantSSL certificates from Comodo? Im just about to signup for their partner reseller program but am still undecided whether or not to go ahead as they require a minimum $200 deposit to begin with..

Originally posted by ck
Anybody has good experiences reselling InstantSSL certificates from Comodo? Im just about to signup for their partner reseller program but am still undecided whether or not to go ahead as they require a minimum $200 deposit to begin with..

I have bought a couple of certs of them, and I have to say so far so good. There service is extremely fast. I managed to strike a deal with a person called anthony if that may help you

Originally posted by labzone


Thawte and Verisign are compatabile with IE 4.X and both claim 99% compatability. I'm not sure how InstantSSL can claim the same when their cert doesn't support IE 4.X browsers according to this release. :eek:

Hello all,

The 99% figure is determined from a number of sources - e.g. the browser watch sites which will give an indicator as to the current browser population.

If we went purely on our weblogs (which of course we don't) then we'd claim 100% compatibility as we haven't had a pre-IE 5.00 visitor for some time now. However our weblogs alone are not a good enough representation in my opinion.

Of course the question begs as to who may still be using IE 4.00 and whether they are really the people who will be buying online or even requiring security. IE 4.00 was, put politely, flawed in usability and security implementations. But that's another thread I'm sure.

The real compatibility is achieved through Operating System releases - and being compatible a base install of Windows 98SE sees a huge advantage for InstantSSL.

Regards,

Steve Waite

If we went purely on our weblogs (which of course we don't) then we'd claim 100% compatibility as we haven't had a pre-IE 5.00 visitor for some time now. However our weblogs alone are not a good enough representation in my opinion.


I doubt you can claim 100% compatabilty based on site visitors. My web browser stats for anyone interested.

Originally posted by labzone


I doubt you can claim 100% compatabilty based on site visitors. My web browser stats for the month if anyone is interested.

I appreciate your difference in stats. Every site will no doubt yield different results.

However our site visitors are always people after SSL Certificates, and these people tend to have the later versions of browsers. This is why we don't quote them - it's not a fair represention of the market.

I've just had my ear bent by one of our Mac based resellers, sorry I forgot to also mention the Mac compliancy:

Mac OS 8.5
Mac OS 9.x
Mac OS X

Cheers

Steve

we resell comodo and have no complaints, its great when you can get a known customer a cert in 10 minutes for under 50 bucks, we used to use openSRS for certs but that was a bit of a nightmare and days waiting plus twice the price

Originally posted by Weberz


InstantSSL is as trusted as Verisign & Thawte (who both have 99% coverage)

InstantSSL is considerably MORE trusted than GeoTrust (who only have 95% coverage)

You seem to confuse trust and security, although a basic concept in nature. I thought I already answered your question on why I think that instantssl is untrustworthy.
They had their chance and they blew it; what part don't you understand?

Originally posted by Marshall

You seem to confuse trust and security, although a basic concept in nature. I thought I already answered your question on why I think that instantssl is untrustworthy.
They had their chance and they blew it; what part don't you understand?

Enlighten me with your reasoning here. I seemed to have missed that thread. Don't put a URL to the thread.

I want to hear what you have to say in one satement.

Then I will proceed to tell you how this trust that you are talking about is just about BS.

Btw, who do you resell for?

Originally posted by Weberz


Enlighten me with your reasoning here. I seemed to have missed that thread. Don't put a URL to the thread.

I want to hear what you have to say in one satement.

Then I will proceed to tell you how this trust that you are talking about is just about BS.

Btw, who do you resell for?
The last time you asked me to back a claim, I obliged with no prejudice whatsoever thinking that you had your customer's best interest at heart; you chose to simply ignore it which in essence shows what kind of a person you are.
Doing a search for you is out of the question, as for the reselling part.........give me a break.

Nothing to back your claim up with. I thought as much. If Neal wants you to post on these forums just tell him to do it himself, it will cut out a lot of hassle.

Otherwise backup your claim or shutup. That sounds simple enough. Can you handle it?

You don't know me. Don't pretend like you do.

Originally posted by Marshall

You seem to confuse trust and security, although a basic concept in nature. I thought I already answered your question on why I think that instantssl is untrustworthy.
They had their chance and they blew it; what part don't you understand?

Marshall, do you understand SSL market? Do you understand what "trusted" means when talking about root keys?

obviously not, you intentinally are trying to do sh*t throwing. Thats not right.
instantssl is trusted by more browsers than geotrust certs. this is a FACT. The statement that instantssl certs are as trusted as Verisign certs is a FACT too.

if your intention is to try to divert the conversion into how big each companies are etc then you are either very naive in the ssl market or you work for Geotrust ;) (i think the latter:D )

But hey so what, lets have a group hug with geotrust guys ;)

Hosty

Originally posted by Weberz
Nothing to back your claim up with. I thought as much. If Neal wants you to post on these forums just tell him to do it himself, it will cut out a lot of hassle.

Otherwise backup your claim or shutup. That sounds simple enough. Can you handle it?

You don't know me. Don't pretend like you do.
Apart from Comodo, name me one CA that distributes spyware such as trusttoolbar, engages in deceitful practices such as selling their own Cert while themselves using a Thawte Certificate to take orders*, pretends to have security experts that do nothing more then point and click an interface provided by another company, and uses dhtml for site authentification.

*they did when they started, do a search on this board

1. How is trusttoolbar spyware. Back it up with facts.

2. I still use a geotrust cert and will until it expires. Why throw away a good cert. I don't have money to burn. Do you?

3. Tell us more about point and click. Sounds like you work for them. I would imagine that that point and click that you are talking about is one click more than your company does with your quickssl product.

Originally posted by Marshall

Apart from Comodo, name me one CA that distributes spyware such as trusttoolbar, engages in deceitful practices such as selling their own Cert while themselves using a Thawte Certificate to take orders*, pretends to have security experts that do nothing more then point and click an interface provided by another company, and uses dhtml for site authentification.

*they did when they started, do a search on this board

Group hug everyone its Marshall the Geotrust guy :stickout

Joke aside:

Marshall the Geotrust guy, you haven't got a clue have you dude! Comodo has one of the best Cryptographers in the world, called Dr Colin Walter. This guy is an invited speaker in RSA conference heads the CHES etc. Check out amount of the work this guy has done in cryptography at
Marshall the Geotrust guy, check out comodo website re: Dr Colin Walter and his work, its pretty impressive!

http://www.comodo.net/research/cryptography/index.html

so, stop throwing sh*t just because your company geotrust does not have good techies and world leader experts like comodo in cryptography.

thawte cert? what planet are you broadcasting from, i just checked instantssl and they use their own certs. again you are trying to do sh*t throwing.

Marshall the geotrust guy, call me a synic but are you doing all this sh*t throwing because comodo now offer a better cert that is trusted by more browser while, unlike you geotrust guys, instantssl offer proper validation and they do that instantly and do it at less than half the price you charge for your geotrust certs which are NOT trusted by win98 or IE5.00 ? And that makes Geotrust's existence, i don't know how to put it, but lets be polite and say, not viable.

Afterall, why would anyone pay Geotrust 2.5 times to buy a Cert that is NOT as trusted as InstantSSL, NOT validated properly unlike InstantSSL.

Just a thought;)

Hosty

thawte cert? what planet are you broadcasting from, i just checked instantssl and they use their own certs. again you are trying to do sh*t throwing.

A while back they were using a Thawte cert i checked it myself. And if you don't believe me do a search on the board as said before. Further more why do you think Marshall is working for geotrust. That is the same as when I say you are working for the FBI because you want to kill al-quada.

my 2 Eurocents

Originally posted by Starhost

A while back they were using a Thawte cert i checked it myself. And if you don't believe me do a search on the board as said before. Further more why do you think Marshall is working for geotrust. That is the same as when I say you are working for the FBI because you want to kill al-quada.

my 2 Eurocents


I checked and you are right they have used thawte cert in the past. but this still doesn't change the fact that marshall the geotrust guy has been engaged in sh*t throwing exercise. And this still doesn't change the fact that InstantSSL certs are more trusted than Geotrust, validated properly and cost less than half, does it Starhost?

how did you know I was planning on killing Al-Queda? Oh no, I am exposed! :bawling:

Hosty

Originally posted by Marshall

Apart from Comodo, name me one CA that distributes spyware such as trusttoolbar, engages in deceitful practices such as selling their own Cert while themselves using a Thawte Certificate to take orders*, pretends to have security experts that do nothing more then point and click an interface provided by another company, and uses dhtml for site authentification.

*they did when they started, do a search on this board

Marshall the geotrust guy: Which other company? if you are referring to trustlogo its owned by Comodo just like instantssl is, dude, you really haven't got a clue or really doing a good job at pretending to be stupid:D

before you open your mouth (or start typing) check your facts, you are nothing but a sh*t thrower go get a life or ask your ceo to give you a hug!

Hosty

Originally posted by hosty



I checked and you are right they have used thawte cert in the past. but this still doesn't change the fact that marshall the geotrust guy has been engaged in sh*t throwing exercise. And this still doesn't change the fact that InstantSSL certs are more trusted than Geotrust, validated properly and cost less than half, does it Starhost?

how did you know I was planning on killing Al-Queda? Oh no, I am exposed! :bawling:

Hosty
Thank you for agreeing on the undisputed fact that they used deceitful business practices to gain sales.
While it is entirely up to business owners to make their own decision as to whether they would like to be associated with such a company; I feel that the truth must be told as it is - deceit is unacceptable no matter how you look at it.

Speaking of deceit, why do I get a feeling these SSL threads are filled with less than impartial parties?

I don't understand how a thread started by a simple fact that
InstantSSL has increased their browser compatibility became such a nasty debate between low priced SSL certificates.

I haven't used any certificates besides InstantSSL so I really can't have an unbiased opinion, so I'm just going to state that their sign-up process was quick, painless, and easy. I had a valid and working certificate installed within 24 hours, and it was delayed because I had to setup a dedicated IP for my hosting account.

Originally posted by adland II
Speaking of deceit, why do I get a feeling these SSL threads are filled with less than impartial parties?
You too? Well, if this thread is helpful in some way, then so be it, but it goes to bed now...