Report: SSL Certificates Invalid For 219,000 Sites
Written by Fred J. AunFebruary 10th, 2009
It's possible the secure socket layer (SSL) certificates for nearly a quarter-million Web sites are invalid. And, added a site performance specialist, if those sites are involved in E-Commerce their operators are surely losing sales.
Peter Alguacil, an analyst at site monitoring company Pingdom, noted even large, global enterprises sometimes fail to renew their sites' SSL certificates. When they do, visitors are often presented with notices from their Web browsers telling them the sites are not verifiably secure for online transactions. Those customers take their credit cards and go elsewhere, Alguacil said.
This Story Is Only Available For Premium Subscribers. Click Or Login In Below To Read The Rest Of This Story.
Already a Subscriber? Login Here
2 Comments | Read Report: SSL Certificates Invalid For 219,000 Sites
Leave a Reply
Readers, specifically those who want to comment on a story:
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
-Ed
February 12th, 2009 at 8:43 am
So online retailers lose some business, so what (like a snowstorm that keeps people home). My concern is with this statement “global enterprises sometimes fail to renew their sites’ SSL certificates. When they do, visitors are OFTEN presented with notices from their Web browsers telling them the sites are not verifiably secure for online transactions. ”
The word ‘often’ suggest ‘not always, which suggests that sometime people are conducting online transactions that aren’t secure. Is that what was meant?
February 12th, 2009 at 6:42 pm
Lee you are spot on. “not always” means the browser is not keeping pace with technology and does not recognize expired CA’s or the site admin didn’t bother, can’t afford the CA’s fee to update the certificate.
And yes Mozilla might as well just launch a sign the says “take your money and run” those dialogues are doing the right thing, warning that buyer beware.
On the user side: I am looking for safe, reliable online retailers that offer human customer service and support. Additionally, I want to see all the signs that my information is secure like a green url bar that shouts “extended validation certificate found here”
As far as the retailers go, if they can’t extend a trustworthy environment to process financial transactions they will suffer the consequences of abandoned shopping carts, if the buyer even goes that far into the site.