Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Also its a terrible business model, unless you have a side job finding openssl vulnerabilities. Its just a windfall not predictable revenue.


My main issue was the way they responded to their users: https://twitter.com/startssl/status/453631038883758080

StartSSL exploited their customers during a time of crisis (yes, servers leaking private information is a crisis) and they deserve the negative PR they are receiving from it.

Many people have even been proposing that StartSSL be removed from the trusted CA lists included with OSs and browsers since so many StartSSL certificates will remain unrevoked, and there is a valid point to that.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: