Comments on: DigiCert partnership enhances SSL security on Wikimedia sites

By: Carl

Carl — Tue, 15 May 2012 21:01:09 +0000

Why is Wikimedia not having their own SSL-Service… i mean Wikimedia is big enogh to provide such a service, maybe for other open source projects too?

By: mwjames

mwjames — Fri, 11 May 2012 05:40:20 +0000

Having a vendor to support the specifics that WMF is required makes certainly sense but on the other hand not being able to disclose particulars of the contract is somehow disturbing.

Notions like “we got a good deal” have to been put into relations as that to what “good” means. Fundraising money is used to serve the contract but it should be clear on which terms that will happen and a bit more transparency should work for both DigiCert, and WMF.

By: CT Woo

CT Woo — Thu, 10 May 2012 17:15:19 +0000

Our biggest challenge when selecting the SSL provider was to find someone willing to custom-make one for us, specifically, a certificate that supports both wildcard.domain name as well as wildcard.subject alternative name. All SSL vendors do provide the *. feature and only 2 entertained the idea of issuing a custom wildcard SAN. Given our URL structure and the number of languages we support, not having an SSL certificate with wildcard SAN is a major issue.

Unfortunately the contract prohibits us from disclosing the cost, however we got a good deal.
Thanks.

By: M. Soros

M. Soros — Wed, 09 May 2012 21:07:06 +0000

I agree with Mike Peel. The announcement is lacking some details.

By: Mike Peel

Mike Peel — Tue, 08 May 2012 17:10:24 +0000

Interesting. I’m curious to know whether open source projects were considered in selecting the WMF’s SSL provider (were options such as OpenSSL considered?), and also how the selection process was organised (was there a RfP or tendering process?).

Also, would the WMF be able to share how much this commercial solution costs?

Thanks,
Mike