It could be a bit cheaper, but I'd hope SSL certificate vendors would be putting some work into identity verification. You know, making sure the person with an @gmail.com e-mail is the right person to send the gmail.com SSL certificate to. That could mean manually checking scanned copies of legal documents, making some phone calls, maybe even faxing or sending some things by post. Look at all these requirements Mozilla have to include your CA certificate! http://www.mozilla.org/projects/security/certs/policy/Inclus...

$60 sounds a little high to me, but if you think you could do it for substantially less, why not set yourself up in competition with them?

Because I was commenting on the price for a dev certificate. There are already free ssl certificates for https that doesn't cost anything, or only 10 usd/year.

In that case, it is harder to provide. As far as I know, most SSL certificates just validate the domain name, while code signing certificates validate the developer/company identity.