Which Certificate Authority?

Jim Carter, 2006-12-13 (updated 2007-02-09)

Presently these hosts have X.509 certificates:
Host       Application  Purpose
---------  -----------  ------------------------
Arachne    Web, SMTP*   Faculty web hosting
Cedar      IMAP         Faculty mail
Harlech    OpenVPN      Departmental VPN
Hollyfs    Web          Webmail (development)
Julia      IMAP         Faculty mail
Laguna     IMAP         Student mail
Malibu     Web          Moodle
Papyrus    Web          Webmail, secure pages
Sassafras  IMAP         Faculty mail
Simba      Web          Development
Spruce     IMAP, SMTP   Development
Sumac      SMTP, Web*   Department mail exchange
Tupelo     IMAP         Faculty mail
Walnut     IMAP         Student mail
Zuma       Web          Student web hosting
(* = acts as the hot spare for the primary server in this role)

Summarizing: 15 total, 7 used for IMAP, 7 web, and 4 miscellaneous. Additionally there is a web server on Bamboo01 which does not have SSL capability. We also have 9 users to whom certificates have been issued, mainly to use OpenVPN.

These certificates are signed by the Root Certificate of the UCLA-Mathnet Certificate Authority. Unfortunately, important classes of users do not have this root certificate installed as a trusted certificate authority (CA), so they get a nasty message from their browser when accessing our secure web servers. We are therefore investigating whether we should get our certificates signed by a CA whose root certificate is shipped with frequently-used web browsers. First, here are summaries of some web information about certificate authorities.
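
The failure described above can be reproduced offline with throwaway certificates. This is an added example, not part of the original memo; the CA names, the host name www.example.test and the file names are constructed placeholders, and it assumes the openssl command-line tool is installed.

```shell
#!/bin/sh
# Constructed demo: every name below is a placeholder, not a real CA or host.

# build_pki DIR: create a private root CA, an unrelated root standing in for
# a browser's pre-installed list, and a server cert signed by the private root.
build_pki() {
    dir=$1
    for ca in private public; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
            -subj "/O=Example ${ca} CA/CN=Example ${ca} root" \
            -keyout "$dir/${ca}-ca.key" -out "$dir/${ca}-ca.pem" \
            2>/dev/null || return 1
    done
    # Server key and certificate signing request.
    openssl req -new -newkey rsa:2048 -nodes \
        -subj "/O=Example Dept/CN=www.example.test" \
        -keyout "$dir/server.key" -out "$dir/server.csr" \
        2>/dev/null || return 1
    # The private root signs the request, as a departmental CA would.
    openssl x509 -req -in "$dir/server.csr" -days 30 \
        -CA "$dir/private-ca.pem" -CAkey "$dir/private-ca.key" \
        -CAcreateserial -out "$dir/server.pem" 2>/dev/null
}

# trusted_by BUNDLE CERT: succeed only if CERT chains to a root in BUNDLE.
# The constructed roots are in no system store, so only BUNDLE decides.
trusted_by() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# report DIR: say which constructed trust store accepts the server cert.
report() {
    for store in private-ca public-ca; do
        if trusted_by "$1/$store.pem" "$1/server.pem"; then
            echo "$store: server certificate trusted"
        else
            echo "$store: NOT trusted (client shows a warning)"
        fi
    done
}

tmp=$(mktemp -d) && build_pki "$tmp" && report "$tmp"
rm -rf "$tmp"
```

The same certificate passes or fails depending only on which root the client holds, which is why the choice is between distributing the private root to every user and buying certificates that chain to a pre-installed one.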

How to Choose a CA

Dated 2006-06-05 (fairly recent), author's full name not shown.

Which CAs are pre-installed with the major web browsers? The author intersected the CA lists from MSIE-6, Firefox-1.5, Opera-8.5, Safari (Tiger), getting these. (Update: in 2007-02-xx Microsoft sent out an updated root cert list, which is essentially unchanged and does not include startcom.org.)

Browser popularity stats

These are from the Startcom website, and are believed to be the fraction of contacts to that site using the various browsers. Given that MSIE does not pre-install Startcom's root certificate, the statistics may be biased away from MSIE.
Browser          Share
---------------  -----
MSIE             53%
Firefox          30%
Mozilla          10%
Opera            2%
Other & Unknown  4%

Operating system identified in the same set of data:
Operating system   Share
-----------------  -----
Microsoft Windows  81%
Other & Unknown    12%
Linux              5%
Macintosh          2%

Certificate Authority Market Share

Dated 2006-12-01, no author's full name.

It appears that they took a universe of web servers, contacted each one over SSL, recorded the issuing organization (CA) of the certificate it presented, and reported the fraction of all SSL-capable web servers using each CA. The total number of web servers queried was 298100. The following list shows the commonly installed CAs listed above, and a few others, in order by market share.
CA           Share  Comments
-----------  -----  --------------------
Verisign     26%
Geotrust     21%    Bought by Verisign
Thawte       14%    Bought by Verisign
Comodo       5%     Not in all browsers
(Next 5)     13%    Not in all browsers
Entrust      1.4%
Cybertrust   0.1%
GTE          0.09%
CACert Inc   0.06%  Non-common but free
StartCom     0.03%  Semi-common but free
(88 Other)   20%    All <= 1% each

Conclusion: I'll confine my research to the intersection of market leaders and pre-installed CAs. Here is a table of prices (in US dollars) as of 2006-12-13, except the Verisign deal is from 2007-02-07.
                       Premium           Ordinary
Vendor                 1 Year   2 Year   1 Year   2 Year
---------------------  -------  -------  -------  -------
Verisign               Prices not available online.
  (UCLA Special Deal)  $376     $752     $172     $344
Geotrust               $599     --       $189     --
Thawte                 $1299    $2195    $199     $349
Comodo                 $399     $639     $139     $249
Entrust                $199     $359     $159     $299
                       A service is also offered where you approve issuance of Standard certificates, at the list price, in your domain.
Startcom               Certificates are free.

Of particular interest is Startcom. They began business around 2004 and are based in Israel. They are trying to get their root certificate pre-installed in popular web browsers, and have been more successful in the open source community. However, over half their hits were from browsers that don't have their root cert, so we would still need to give our users instructions for installing their root cert. In other words, they are definitely the value leader, but they don't meet our goal of serving our secure pages without complaints from the clients' browsers.

Buzz on the web indicates that Verisign is arrogant and hard to deal with. They are handicapped by being coy about their prices. I suggest we not consider them further. (Later update: At UCLA a number of departments indicated interest in negotiating a certificate deal, and the campus IT section did this with Verisign. The campus prices for Verisign certificates are shown.)

Of the remaining credible vendors, Comodo is the cheapest, but also doesn't have its root cert in all the leading browsers, hence would not meet our goal.

Before selecting any vendor we should do some research on the web to see how good their customer service is. (Update: the campus Verisign deal delegates authorization to our Software Central; in other words, they are allowed to declare authoritatively to Verisign that we have the right to use the name in the certificate. Hence we don't have to deal with the weasels at Verisign.)

Conclusion: Our four public web servers, which we have an operational need to make nice, are Arachne, Papyrus, Zuma and Sumac. If we go with the campus deal, we're committing to $172/year per cert, or $688/year. Unfortunately, this number is at the edge of the pain threshold, so it doesn't absolutely tell us whether to sign up or to reject the idea. If all 15 of our host certificates were traceable to the vendor the cost would be $2580/year, which clearly is not worth it.

I suggest the following steps: