CertSimple Fast painless EV HTTPS

We announced it in November, but now it's official: Symantec is the first of the large CAs to be providing DV certs for free. There will be at least one other major CA that will announce the same thing.

It's a response to market pressure and makes sense economically: DV certs don't require background checks, so cost next to nothing to produce. Originally StartSSL announced free DV certs for non-commercial purposes, then Heroku and Cloudflare announced free commercial use, and finally - but most significantly - Let's Encrypt has had a significant impact on the market in it's first six months.

Symantec's effort, dubbed 'Encryption Everywhere' is being offered via traditional '90s style web hosting control panels: both the certs and Symantec's various upsells are integrated into the hosts control panels. Hosts make an agreement with Symantec to push the upsells and get free DV certs in return.

Symantec will be charging for:

• ECC. Free certs are RSA only. ECC has better strength/performance than RSA, which makes it particularly suited to mobile devices.
• EV certs - for companies that need to prove their identity. Note: we sell EV certs, but we do it a lot differently from Symantec.
• Wildcards - the Baseline Requirements require a little extra work for CAs when issuing wildcards, see Section 3.2.2.6, but this is still automatable. We suspect the wildcard charge is simply because Let's Encrypt don't do wildcards.
• 'Site seals' despite the dubious merits.

The innovation that isn't happening

There's so much Symantec could do here but isn't:

• Running a working CA
• Making their EV process not take 5 business days
• Handling CSP and XSS warnings

But the word we get is that Encryption Everywhere was thrown together pretty quickly - Symantec didn't expect Let's Encrypt to have had the impact it has. It's a reshuffle of existing tech and offerings, and doesn't significantly differ from the Symantec we know and love.

Mike MacCana, founder at CertSimple.

CertSimple makes EV HTTPS fast and painless.

CertSimple uses unique technology to provide EV HTTPS certificates 40x faster than other vendors. We check your company registration, network details, physical address and flag common errors before you pay us, provide specific validation help for your company, update in realtime during the validation process, and even check your infrastructure to help you set up HTTPS securely.
Prove your identity now!