joined:Apr 11, 2006
Whether it's people trying to stop NSA eavesdropping, or Matt Cutts saying he'd like to see sites with SSL rank higher in the SERPs, there seems to be a huge push to implement SSL. Thing is the bulk of sites are on Apache with a shared IP address. There seem to be multi-domain ("UCC") SSL certs for Windows, but the multi-domain solution for Apache seems to be SNI, but it doesn't seem like many people are using it and it's hard to find vendors that sell them.
In my reading it seems the biggest issue with SNI is compatibility - the two biggest unsupported groups are Windows XP users using Internet Explorer (about 1.1% of the visits to my sites), and Android 2 users using the default browsers (1.6% of visits to my sites). There are SNI-compatible browsers for XP, and I think the same is true of Android 2.
Clearly SNI hasn't reached the 99% compatibility threshold, but it may be at 95% compatibility - and for some sites it's probably a viable option if their numbers are slightly better than mine, or the site has a loyal following that is willing to change browsers to view the site.
All that brings up a few questions for me...
First, have any of you actually used SNI certs? What has been your experience?
Second, who sells them? I searched a number of SSL vendors I knew of and none seem to be advertising them.
Third, are SNI certs like other certs which can offer organizational verification or EV level verification?