To Buy A Cert Or Not To Buy A Cert?
Saturday, July 5th, 2008Today I received some insightful feedback from a reader named “Shirley” from velvetblues.com regarding her experience using fileai.com. In her comment she said that she “received a security warning and opted out” when trying to use the site for the first time.
Unfortunately, I understand where she’s coming from. In this day an age, when you’re browsing the web and a window pops up entitled “Security Warning” most peoples’ initial reaction is to click the “Cancel” button. The problem is, that’s the way Signed Java Applets work on today’s modern browsers, and a Signed Java Applet is what enables fileai.com to do cool things like accept drag-and-drop files, negotiate through gnarly firewall and router network configurations, and transfer files directly without having to upload them to a server.
There is one thing I can do to make the Security Warnings a little less scary, but it’ll cost me $300 - $500 to do so. 
If I purchase a Code Signing Certificate from Verisign or Thawte (the same companies that sell SSL Certificates that make web pages secure) then my Signed Java Applet Security Warnings will change from this:
to something like this:
(Obviously they won’t say “Northwestern University”, but you get the idea.)
So I guess the questions is: If I spent the $300-$500 to buy a Code Signing Certificate to make the Security Warnings say that my Signed Java Applet was “Verified”, would that make any of you more willing to click “Run” or “Trust”? Or is just the fact that there is a Security Warning staring you in the face enough to make you go somewhere else?
Thanks for all the great feedback, and please keep it coming! 
