I normally buy from GeoTrust because their phone verification system makes it simple to finalize the purchase. Not sure what GoDaddy is doing. I would recommend the cheapest Cert that can be recognized by the browser without a root certificate update. You don't need more than that, really. (In fact a self rolled SSL cert provides the same security - but will cause the browser to honk because the root server that generates the cert is not recognized. That's what you are really buying, the browser recognition of the root server.) -----Original message----- From: Fred Jones fredthejonester at gmail.com Date: Tue, 06 Nov 2007 10:02:47 -0800 To: Thelist thelist at lists.evolt.org Subject: [thelist] How to pick a Security Certificate > Today there are a myriad of companies offering a myriad of SSL Certs > with a slew of various options and prices. I remember once upon a time > that buying an SSL was pretty simple--you just buy it. :) > > I don't know what all these options are, but my guess is that the > cheapest ones must somehow not be worth anything, yet that the big > companies may not be necessary either. GoDaddy seems also to sell, along > with the big companies like verisign and thawte. > > I just want a 'normal' simple cert for a modest site so we can take CC > numbers on our store. That's all. > > Any advice? > > Thanks!