Access to www.gnupg.org only via TLS

Robert J. Hansen rjh at sixdemonbag.org
Thu May 1 15:09:04 CEST 2014


>> Yeah, I don't quite see your point. They are providing
>> a very valuable service for free, and charge a nominal
>> fee for revoking a cert.
> 
> 24.9 USD can hardly be considered a nominal fee when applied against
> something that was supplied free of charge.

Sure it can.

It's pretty foolish to expense something only by its opening cost.
Instead, good practice is to amortize the expenses of opening, closing
and maintenance over the expected life of the resource.  Free to open,
*possibly* free to close (if the cert expires) and $24.99 otherwise, and
no maintenance costs, is pretty easy to expense.

What's the probability you'll need to revoke a cert?  Call it one in
five each year and you'll be probably overshooting.

Opening costs:                     $0.00
Maintenance costs:                 $0.00
Probabilistic closing costs:       $5.00
=================================================
Total operating costs:             $5.00 per year

$5 per year for an SSL cert is pretty hard to beat.  Yes, *this* year
it'll cost you $25, but that's because of an event already baked into
your risk model.




More information about the Gnupg-users mailing list