From owner-freebsd-questions@freebsd.org  Mon Dec 19 16:05:44 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E9D24C8722A
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Mon, 19 Dec 2016 16:05:44 +0000 (UTC) (envelope-from johnl@iecc.com)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net
 [IPv6:2001:470:1f06:1126::2])
 (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
 (Client CN "miucha.iecc.com",
 Issuer "StartCom Class 1 DV Server CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 8E3AA1EAA
 for <freebsd-questions@freebsd.org>; Mon, 19 Dec 2016 16:05:44 +0000 (UTC)
 (envelope-from johnl@iecc.com)
Received: (qmail 96637 invoked from network); 19 Dec 2016 16:05:45 -0000
Received: from unknown (64.57.183.18)
 by mail1.iecc.com with QMQP; 19 Dec 2016 16:05:45 -0000
Date: 19 Dec 2016 16:05:17 -0000
Message-ID: <20161219160517.18271.qmail@ary.lan>
From: "John Levine" <johnl@iecc.com>
To: freebsd-questions@freebsd.org
Cc: simon@optinet.com
Subject: Re: ssl certificate
In-Reply-To: <20161219154412.93158.qmail@submit.iecc.com>
Organization: 
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2016 16:05:45 -0000

>>Exactly like the root DNS servers. Do you have problems with those?
>
>No, not exactly. DNS root servers are paid for via domain fees (ICANN).

Misinformation like this is not helpful.

ICANN runs the L root.  The other 12 are run by other organizations on
essentially a handshake basis, with no money changing hands.

>So when I find free domain registration service for my domains it will be
>just like LE, but until then...  ya, I have a problem, I want it free!

You might enjoy .tk.  Domains are free, $0.

In the meantime, sensible people are all getting their certs from
Let's Encrypt.

R's,
John