[Cryptography] So long to Startcom

John Levine johnl at iecc.com
Sun Dec 3 10:48:57 EST 2017 

This showed up this morning.

For a long time Startcom was the only CA that provided free DV
certificates that worked in most browsers.  Their business model was
to upsell you to other stuff.  But they were always rather opaque,
with the opacity reaching the breaking point when they sold themselves
to a Chinese company and didn't bother to tell anyone.

These days there's little reason to use anyone other than Let's
Encrypt for DV certificates.  Other CAs offer warranties for their
pricey certs, but as far as I can tell nobody cares and the warranties
are so narrowly drawn that nobody's ever collected.

R's,
John

================================================================
Date: Sun, 3 Dec 2017 04:07:00
From: StartCom CertMaster <cmsmaster at startcomca.com>
Reply-To: no-reply <no-reply at startcomca.com>
To: x at x
Subject: StartCom temination announcement


This is an automatically generated email, please do not reply.

Dear customer,

As you are surely aware, the browser makers distrusted StartCom around a year
ago and therefore all the end entity certificates newly issued by StartCom are
not trusted by default in browsers.

The browsers imposed some conditions in order for the certificates to be
re-accepted. While StartCom believes that these conditions have been met, it
appears there are still certain difficulties forthcoming. Considering this
situation, the owners of StartCom have decided to terminate the company as a
Certification Authority as mentioned in Startcom´s website.

StartCom will stop issuing new certificates starting from January 1st, 2018 and
will provide only CRL and OCSP services for two more years.

StartCom would like to thank you for your support during this difficult time.

StartCom is contacting some other CAs to provide you with the certificates
needed. In case you don´t want us to provide you an alternative, please,
contact us at certmaster at startcomca.com

Please let us know if you need any further assistance with the transition
process. We deeply apologize for any inconveniences that this may cause.


Best regards,

StartCom Certification Authority

More information about the cryptography mailing list