![](https://secure.gravatar.com/avatar/d029381275960df2c9ba702809aa4f49.jpg?s=120&d=mm&r=g)
On the heals of some of the most productive conversation I've seen on NANOG in ages, let me try another topic! I suspect most people on NANOG are in the same boat that I'm in, we operate some small number of domains for ourselves, friends, family, and projects we like. I suspect many of us are also security conscious and would like to use encryption as often as possible. Unfortunately to communicate with random folks on the Internet you need an "SSL Certificate" signed by a "Trusted Root". Ok, we can argue about that, but that's what I'm going to assume for my question. That could be a cert for a web server, a mail server, a jabber server, or even a personal e-mail certificate. What I've found is a few classes of service: - Totally free, but the Root CA is not well distributed (or other issues). - Free for "one" (perhaps one web, one e-mail) on a well distributed CA, major upcharge for more. - Services for businesses designed for maintaining multiple domains and certs starting at $high and ending at $crazy. I am _not_ looking for a free only alternative, but I am looking for a fee structure and price that makes _personal_ use economically workable. I'd love to support community based efforts, but the reality is random folks will be accessing my web site, sending me e-mail, etc, so I want certs that are signed by root certs that ship with OSX/Windows/Linux, they should "just validate". I also do not require "EV" certificates, although being able to get one for an upcharge might be nice. Are there any providers that target someone with my desires? What providers do NANOG folks use for their _personal_ needs? -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/