There is a real opportunity for Google to shake up a market that has been something free ssl certificate of a business backwater, with very little innovation in business models or approach. But what exactly should Google do? I think there are three goals that Google should be advocating: raising the minimum fee for domain registrations, offering free SSL certificates with domain registration, and developing community-driven policies around takedowns.
Advocate Raising Domain Name Prices
Yes, you read that right. I am advocating for higher prices for domain registration. Now, it’s important to state right away, Google doesn’t have the ability to raise the price of domain names. That ability rests affiliate plugin wordpress with ICANN, the Internet Corporation for Assigned Names and Numbers, which promulgates agreements that set the base price with organizations called registries. For the .com domain registry, which is currently run by VeriSign, the maximum price that ICANN allows VeriSign to charge as a registration fee is $7.85, plus a $0.25 fee for ICANN itself.
Thus, when you buy a .com domain name, you pay this VeriSign fee (which is probably lower in actuality due to volume discounts), the ICANN fee, and credit card processing fees. The incredible competition for domain registrations has meant that the price of domain names comes very close to these three expenses. Since domain registration is so cheap, buying up dozens, hundreds, or even thousands of domains – with the hope of brokering their sale to others – has long been a major business. As any startup founder knows when searching for a domain, it is possible to try hundreds of combinations and still not find an open domain name. Furthermore, most of these domains will be empty, or have a “buy now” link on them. Not surprisingly, following these links will often lead to an obscene price quote in the several thousands of dollars, since the domain name resale model requires such prices to be profitable.
Some of this activity is being thwarted with the introduction of new generic top-level domains (thereby increasing the supply of domains), but higher prices on .com domain registrations could dramatically reduce the amount of pollution in that namespace, without causing too much pain for those who own a single or domain or a small handful. Google could help lead a charge at ICANN to encourage it to look into the pricing of .com domains, and consider the effect of cybersquatting and its relationship to registration fees. Offer Complementary SSL Certificates With Every Domain
Security has been on the minds of everyone on the Internet. As I wrote about just a few weeks ago, security has never been more important for startups and small businesses alike on the web, and yet, the tools needed ssl certificate providers list to make the web more secure remain obtuse and difficult to use properly.
This is particularly the case with SSL certificates. In order for websites to properly use HTTPS, the more secure version of the typical HTTP Internet protocol, they need to have a certificate that is validated by a Certificate Authority.
While it is possible to self-sign these certificates using standard command-line tools, these do-it-yourself certificates generally raise warnings in major browsers to end users. No store wants a warning saying that a connection might be insecure during a checkout process, and so everyone ponies up to one of the major Certificate Authorities to ensure that the most number of browsers will recognize a certificate.
The cost for these SSL certificates remains high. At VeriSign, the basic product, the “Secure Site” certificate, is $399 for a one-year registration. At NameCheap, the basic product is $9 per year, which is almost the price for a domain registration in the first place (the difference in these prices appears to be in the amount of insurance offered alongside the SSL certificate).
Building a more how does ssl certificate work secure Internet means changing many of our defaults from insecure options to secure options. One area that Google could truly shine here is to make SSL certificates automatic upon purchase of a domain, with the necessary paperwork included as part of the checkout flow. Then, with its own products and partnerships with third parties, it could ensure that HTTPS is the default protocol for all users and applications from the moment they register their domain.
Moving people to SSL and HTTPS will not solve all security problems on the web, but it certainly is an important step, particularly for Google’s intended small business users who are likely less knowledgeable with domain and web server management.
Reform Domain Takedowns importer plugin