Gandi Bar - Tag - Domain names - Comments

И лове РФ - Drew

Drew — Tue, 01 May 2012 06:28:04 -0400

For the record, that should be «я люблю РФ»

И лове РФ - Alexander

Alexander — Wed, 04 Apr 2012 15:45:03 -0400

It's very good!

I think, title could be "Ай лав РФ" that means a transciption of "I love RF".

И лове РФ - Some Russian guy

Some Russian guy — Fri, 23 Mar 2012 01:15:00 -0400

"Olga the masseuse?" What a classy joke.

ICANN - domain name extension liberalisation - who benefits? - MJ Ray

MJ Ray — Tue, 26 Jan 2010 15:37:14 +0100

Dominic Search has an interesting comment, but cooperatives are far from arcane organisations and I thought Poptel broke up rather than exactly going defunct (although I suspect it might have gone that way if it hadn't) because of its lack of asset lock.

Why domain name services are not all equal - منتدى

منتدى — Sat, 26 Dec 2009 04:57:11 +0100

Hi Joe, thanks for your very kind comments (and great name). It almost looks like I've written this myself!

Anyway, thanks again, and we hope to continue to bring you and your clients great products and services for many years to come. Take care,

Why domain name services are not all equal - watches

watches — Tue, 01 Dec 2009 01:42:05 +0100

I can no longer use Gandi for various reasons, and finding a decent alternative is proving quite difficult.x1201

Why domain name services are not all equal - metin2 yang

metin2 yang — Fri, 23 Oct 2009 10:41:09 +0200

wow gold wow gold wow gold wow gold wow gold wow gold wow gold

Why domain name services are not all equal - Zhang

Zhang — Sun, 05 Apr 2009 02:30:36 +0200

I just noticed that miconian.com (Mentioned at your post) just changed their registrar to Dreamhost.

One domain name, one certificate - Romain

Romain — Wed, 01 Apr 2009 08:40:15 +0200

It seems that EV SSL are great but the green bar doesn't display in IE !! Do you know why ?

Why domain name services are not all equal - wow

wow — Tue, 24 Mar 2009 01:29:39 +0100

wow......

8 Things a Domain Thief Loves - Shiju Alex

Shiju Alex — Fri, 20 Mar 2009 11:57:05 +0100

Good job...

I have a few suggestions, mostly regarding contact info.

# It is a good idea to enable privacy protection
# Whether or not you have enabled privacy protection, be sure to have valid contact info.
# The contact email ids are very important. Never make a foolishness like have a contact mail id on an expired domain (and leave the domain unlocked)

One domain name, one certificate - Nicolas (Gandi)

Nicolas (Gandi) — Mon, 09 Mar 2009 12:48:40 +0100

Fulgan: See comment #15 and contact our customer care team
Regarding your questions, we don't support custom OIDs in our certificate for the moment and SubjectAltName extension are not proposed for the moment, we will probably add a intermediary offer with 2 or 3 CN included.
Our intermediate CA are available here http://en.gandi.net/ssl/documentati... and our root CA here http://crt.usertrust.com/AddTrustEx...

One domain name, one certificate - Fulgan

Fulgan — Mon, 09 Mar 2009 10:20:39 +0100

Hello,

I was kinda excited by the announcement because, like you, I strongly believe that SSL must be much strongly tied to the DNS system and this for many reasons, only a few of them being that it will make securing "low budget" domains stronger.

However, I wasn't surprised to see that the announcement is misleading: with the fact that you get a single SSL cert per registered DNS and the fact that it's only for a single year, the real mellow of that specific bone has been removed and it's now just a promotional introduction offer instead of a real step forward.

Don't get me wrong: it IS a good offer and the price is really interesting. Even though I'm apparently too good a customer to be eligible for this offer (I register my domains for 3 to 5 years, usually, and thus none will expire before the end of the promotion), I will still be interested the next time I need a "public" X509 certificate.

A few questions remains, though:
- Will you support SubjectAltName extension in certificate requests ? (OID 2.5.29.17) If yes, will there be additional costs involved ?
- What is your root CA ? Ideally, do you have a web page that is signed with your production authority so we can check the chain and compatibility with browsers and applications ?
- Will you support custom OIDs in the certificates ? If yes, will there be additional costs involved ?

Thank you,
Stephane

One domain name, one certificate - Leland

Leland — Thu, 05 Mar 2009 14:23:37 +0100

@Jonas (#21)

I just tried with Safari 3.2.1 myself, and it defaulted to english for me -- even though the language cookie isn't listed in my Safari... (/me investigates further)

hmm...

Update

Okay.. looking into this I think I have isolated the answer. You mentioned that you have set the Accept-language header to nl-nl... I removed the cookie and did the same in Firefox and sure enough the page defaulted to french. The long and short of it is the site defaults to french without cookie. If you set a language preference in the browser, but it is a language that is not recognised or supported by the gandi website, again it will revert to its default language (French). If the language is recognised and supported, it will attempt to use that instead. If the language cookie is set, this overrides the browser preference.

HTH

Leland

One domain name, one certificate - Jonas

Jonas — Thu, 05 Mar 2009 13:14:22 +0100

@Leland

I'm using Safari 3.2.1. For .gandi.net I have a 'currency' but no 'language' cookie. It also turns out that my language isn't even saved within the same session. I hadn't noticed this because of the redirect to en.gandi.net.

I just tried Firefox and this browser does indeed store the 'language' cookie. The default language (sans cookie) was French, despite having the 'Accept-Language' header set to 'nl-nl'.

One domain name, one certificate - nibl

nibl — Thu, 05 Mar 2009 03:47:59 +0100

Is this a single root or chained root certificate?

I don't see Gandi listed as a known CA in Firefox 3.0.6, so which authority/authorities is Gandi using?

Thanks.

One domain name, one certificate - Steve

Steve — Thu, 05 Mar 2009 01:36:22 +0100

Is there any need to whine so much, people? Obviously Gandi are SSL resellers from a higher authority; otherwise they'd have to go back in time and have their cert added to browsers from years ago to make it actually work properly. Renewal after the year is optional, and it's a pretty low price anyway.

My company's SSL certs are up for renewal in May and I'll certainly be having a good look at Gandi's offering, as they've been so good with everything else I've bought from them in the past.

One domain name, one certificate - Tom Chiverton

Tom Chiverton — Thu, 05 Mar 2009 00:32:50 +0100

@Stephen: Cheers, email sent ! It is an excellent deal, and a lot better experience than elsewhere too

One domain name, one certificate - Leland

Leland — Wed, 04 Mar 2009 13:45:08 +0100

@Jonas (#10) concerning your issue with the site language. It seems that your browser is not storing a specific cookie used by the website to remember the language preference.

Specifically, the name of the cookie is simply "language" with a content indicating the country code corresponding to the preferred language. It is applied to domain *.gandi.net and sent for any type of connection. It generally has a 90 day life time as far as I can tell.

Using firefox and IE, the gandi website (as well as the wiki, groups, and gandibar) all default to english for me (and I'm actually at Gandi in Paris) as stored in my language cookie (English is my native language, so suits me perfectly!).

You might want to check that your browser is accepting and storing the appropriate cookies from Gandi.net. (In firefox, for example, the cookies associated with the page can be found under Tools -> Page Info -> Security -> View Cookies.)

Hope that helps!

Leland

One domain name, one certificate - joe (Gandi)

joe (Gandi) — Wed, 04 Mar 2009 12:05:49 +0100

Hi El Bunto,

I believe you can purchase a certificate per sub domain, e.g. buy several of the 1 sub domain certs, rather than buying the unlimited one which as you say is much more expensive. This way you can vary the cost with the number you need. Does that help?

Joe

One domain name, one certificate - Stephan

Stephan — Wed, 04 Mar 2009 10:03:11 +0100

Jonas : The french version is also clearer now, I modified it. It's always tricky to communicate, so thanks for asking the right questions.

Wolfgang : we are your CA certificate. The fact we've licensed a technology doesn't mean we're not really your authority of certification. We are declared like that, and I guess it's all that really matters at the end.

Tom/Ano/El Bunto : Thanks for the feedback We appreciate your concerns, and for the effort of posting here, I'll make sure you'll benefit from a free certificate with your domains (1 year is already a great offer, as you recognized !). Hope it helps :D
Please contact our support we'll deal with it.

One domain name, one certificate - El Bunto

El Bunto — Wed, 04 Mar 2009 08:53:21 +0100

I'm not pleased with GANDI regarding this scheme.

First, I renewed my domain early after receiving the `domain expiring in 30 days'' communication to prevent any problems with payment processing. So although my domain renews on 10th March, I am not eligible for this free certificate. Why not?

Secondly, the vast gulf in prices for one cert versus an unlimited number appears to be deliberately designed to sting those people who need two or three certs. Why did GANDI not offer a sliding scale of pricing instead of assuming that those who need more than one cert must purchase an infinite number?

One domain name, one certificate - Anonymous

Anonymous — Wed, 04 Mar 2009 08:37:57 +0100

Regarding comment 11: Based on the documentation in the wiki at http://wiki.gandi.net/ssl, it looks like Gandi lets you generate a CSR yourself and submit that. A CSR includes only the public key, not the private key.

Regarding comment 10: Yeah, same problem here. I registered my domain two months ago. I wonder: does renewing early, as in adding a year to the end of the registration, let me take advantage of the free certificate offer?

Regarding the various comments about misleading advertising: only one struck me as misleading, namely the word "renew". I interpreted the offer as "each time you renew your domain you get a free certificate for a year", which would *rock*. When I realized it only meant one free year total, that seemed slightly less awesome, though still nice. And your prices still beat many other certificate authorities.

One domain name, one certificate - Wolfgang Rupprecht

Wolfgang Rupprecht — Tue, 03 Mar 2009 21:43:01 +0100

If Gandi were to sign my CA certificate, that might be worth something, but I'm not sure when I would trust a certificate where the private key was generated by an outside entity and where the only barrier to someone else getting a key with a a similar CN is an administrative one.

One domain name, one certificate - Tom

Tom — Tue, 03 Mar 2009 19:55:11 +0100

Ace !
Except... I renewed my domains just the other week, and obviously missed this offer, which is only going to run till the end of the year, apparently. Bah.

One domain name, one certificate - Jonas

Jonas — Tue, 03 Mar 2009 18:51:42 +0100

Well, in the French version of http://www.gandi.net/ssl/ there's no mention of the one year limit in the title ("Un certificat SSL standard inclus gratuitement* avec votre nom de domaine !").

On a side note. It's really annoying that everything I visit Gandi.net, I first get served the French version. It never gives me the English version even though I'm using a Dutch version of my OS and browser. Also, when I switch languages, it never remembers this choice between sessions. I'm guessing I get served the French version because I'm log in from Brussels.

Anyway. I did overreact--sorry for that--but you guys do sort of have a history with making your services look cheaper than they are (e.g. changing prices after the beta period; mentioning prices with VAT not included). You shouldn't. You're the best already!

One domain name, one certificate - El Bunto

El Bunto — Tue, 03 Mar 2009 18:02:35 +0100

I was very excited by this announcement, but was then disappointed at the binary pricing scheme. I would require certificates for two subdomains but this results in an eight-fold increase in cost!

Perhaps Gandi would consider a sliding scale of prices? There is a spectrum of requirements between one domain and unlimited domains.

Dodgy domain practices, the story contines... - Rhys

Rhys — Tue, 03 Mar 2009 14:30:20 +0100

Indeed, it's a nice question where it's better to comment on the content))) But, in any case as every one whose comments are there under the note, I'd like to say thanx for sharing this nice piece of information with us! have a nice day!

One domain name, one certificate - Stephan

Stephan — Tue, 03 Mar 2009 13:35:03 +0100

Vbfox : We're not reseller, but authority of certification. With all rights and duties attached. The fact that for the higher certificates we use Comodo services is simply to complete our offering, in order to cover the needs of everybody.

You don't need the extramile proposed with the big certificates (monetary guarantees), but perhaps others will make this choice, knowing exactly what they are buying (it's explained on the product pages, and we freely talk about it in and there).

We think we're introducing something quite interesting to the mass market : True SSL certificate with a domain name. From such a large provider, it's simply a first, and as certificates will be more and more important to professionalize your web presence, it's definitely a service we needed to propose, the Gandi way.

I totally agree with you, this particular market needs a good kick in the butt, and this is, I think, a good start in that direction : we're still there, with the same ethical guidelines and hopes, be assured about that.

One domain name, one certificate - Vbfox

Vbfox — Tue, 03 Mar 2009 12:43:29 +0100

I really hope that you someday manage it. It is a market that -- like dns when gandi began -- need a good kick in the butt.

One domain name, one certificate - joe (Gandi)

joe (Gandi) — Tue, 03 Mar 2009 12:35:28 +0100

Hi Vbfox,

Don't worry about it. I understand. In an ideal world we would provide every product direct to you, build and developed entirely in house, as we have with our domains and hosting services. However some products like SSL require quite a serious investment in specific encryption technologies, which is why the industry is dominated by a few large players. We have choosen Comodo as our SSL technology provider and partner as they are independent, which is important to us as it is consistent with our vision.

I hope that gives you a better idea of where we're coming from, and thanks for helping us make sure our message is clear and honest.

Joe

One domain name, one certificate - Vbfox

Vbfox — Tue, 03 Mar 2009 12:15:34 +0100

It totally make sense, i'm sorry if i was rude but i was expecting more from you. You are here just a resseler as there are a miriad of.

I still don't see why i should pay an ssl cert when i use it to provide non monetary services.

When i provide a webmail or a private download site for my company or even to customers WHY should i pay for a service that is just a distributed pki to avoid man in the middle. Gandi as a domain name provider know that i own the domain and should be able to provide a wilcard for free.

The current offer is the same as other providers and is aimed to provide monetary guarantees that arent needed in most case.

Basically i was expecting more. Sorry.

One domain name, one certificate - joe

joe — Tue, 03 Mar 2009 11:51:40 +0100

Hi vbfox and Jonas,

There is no intension to deceive you here. We are paying for the privilage to be able to offer our customers a certificate for 1 year for free with all domains. Like domains, certificates cost money, so we can't provide this for free indefiniately.

The text on our homepage says '1 year free certificate' and as you have pointed out we do put the terms of the certificate clearly on the SSL page. We are not trying to hide our offer, nor why we are offering it. If it was not clear in the article, I will adjust it, as we would hate for you to think we are trying to mislead or exploit you.

The reason we are doing this is because we think certificates will form an increasingly important part of the domain space, particularly as the ICANN liberalisation will create any number of alternative domains that might 'look' like your domain. The certificate will be a way of making sure your customers know its you.

As Ryan says, we hope you will see some benefit from the free year and if you want to continue with it, that's up to you. If we can find a way to extend the offer, or get you better rates, we will do that.

I hope that makes sense,

Joe

One domain name, one certificate - Vbfox

Vbfox — Tue, 03 Mar 2009 11:36:59 +0100

Misleading advertising and as all other you expect us to pay for a small "*" character.

Long gone is the time wher gandi was doing things more honestly than other. Now your just another money hungry provider.

One domain name, one certificate - Ryan (gandi)

Ryan (gandi) — Tue, 03 Mar 2009 11:34:15 +0100

Jonas: we are simply saying that we include a Gandi Standard SSL Certificate for free for one year, with domains that are registered, renewed, or transferred at Gandi.

As is our way, there is no obligation to have a Standard SSL certificate with the domain's registration, and no forced sale. If our customer wants to have a Gandi Standard SSL certificate, he will be happy to benefit from the free year, and can renew it if it pleases him/her, or not.

One domain name, one certificate - Jonas

Jonas — Tue, 03 Mar 2009 11:04:19 +0100

* Included for free the first year with the purchase, transfer, or renewal of your domain name. €12 euros excl. vat per year for its renewal. Offer valid until December 31st, 2009.

This is some seriously misleading advertising you have going on here.

[ping] 8 Things a Domain Thief Loves - Notes Fantasia

Notes Fantasia — Wed, 25 Feb 2009 09:37:15 +0100

8 Hal Yang Disukai Pencuri Domain

Kita semua melakukan segala upaya untuk mengamankan domain yang dimiliki. Merupakan sebuah energi besar untuk mendapatkan nama domain untuk blog Anda di dunia Internet yang penuh sesak, atau menunggu dengan sabar nama perusahaan Anda untuk di-release...

8 Things a Domain Thief Loves - ComputerBob

ComputerBob — Wed, 18 Feb 2009 14:28:05 +0100

Good job. I've been doing all of the things that you suggest since I registered my first domain in 1997. This is a case in which an ounce of paranoia can save several tons of frustration (and expense, as described by KK above!).

To thank you, I linked to this article in my Journa today:
http://www.computerbob.com/wp/8-thi...

--CB

8 Things a Domain Thief Loves - KK

KK — Tue, 17 Feb 2009 19:33:10 +0100

Wish I'd read this months ago - i paid $1200 0to retrieve a domain that was drop-caught!

8 Things a Domain Thief Loves - Zhang

Zhang — Mon, 16 Feb 2009 06:51:19 +0100

Thank you for this article...

I also have suggestion for you to increase your account security.

Since domain owner will not login to domain account every day, it would be great if there is some notification option to be send to account owner's email address for every successful or failed login. So in case the account compromised, the real owner will have the notification and can act immediately.

Also send notification for every important changes to the account, like email address.

Dodgy domain practices, the story contines... - Remington

Remington — Tue, 10 Feb 2009 12:03:04 +0100

Right you are, it is very nice that you have followed this line. It is very detailed and I'd like to say thank you for the links.

Why domain name services are not all equal - hoodia

hoodia — Fri, 06 Feb 2009 09:33:51 +0100

hm, interesting explanation! never thought about these reasons... I thought it is just a question of prestige and price... And how do you think, if there will appear a new country who will give it the domain name?

Dodgy domain practices, the story contines... - Arjun

Arjun — Thu, 05 Feb 2009 09:44:39 +0100

yeas the information is really useful... thanx for the links to those posts, I do not know where it' better to leave a comment on the content here or there, but still I'd like to say out my reaspect and best wishes to you!

Dodgy domain practices, the story contines... - Zhangjia

Zhangjia — Sun, 28 Dec 2008 14:18:54 +0100

Thank you for sharing this information.....

UK government theatens domain name industry, 'Get your house in order or we'll step in and take over'! - DoctorDee

DoctorDee — Wed, 24 Dec 2008 08:41:34 +0100

I would welcome any move that wrested control of the UK TLD from Nominet. As an organisation they have historically done a terrible job of managing .uk while pocketing huge profits from their bungling. They are autocratic, old fashioned and high handed.

They have lucked into a monopoly situation which they have used as a licence to print money while delivering barely acceptable service. The way they used to allow domains to sit in limbo for ages if someone failed to renew their registration was scandalous. This may still happen - but I have not had exprience with it recently. But even if this is fixed, the fact that it was allowed to happen for so long is unforgiveable.

The fact that they routinely use fear tactics to try and trick registrants who have placed a domain with another registrar into re-registering through them is sharp business bordering on fraud.

Someone should take the TLD from them, or competition should be introduced.

Any government "domain tax" could barely be more punitive than Nominet's pricing.

UK government theatens domain name industry, 'Get your house in order or we'll step in and take over'! - joe90d

joe90d — Fri, 19 Dec 2008 15:59:52 +0100

Do not worry its just an ideal threat... They will be too busy running our banking sector, watching CCTV cameras just in case I drive into an offensive parking spot!

However should the government get there hands on the control of internet domain space, I shudder to think what next... A domain tax, domain censorship. Consider a situation where a whistle-blower puts up his own blog on the net, or look at how the Obama campaign was run. I am sure that the powers that be are worried, and quite rightly so. Someone may actually get to say something they dont like about their policies, and just use the net effectively as a political tool.

I think though that more realistic management of domain space is a good thing. So many domains so little time. It would be so much easier to determine the content of domains by a more structured domain system.

UK government theatens domain name industry, 'Get your house in order or we'll step in and take over'! - Wendy (Gandi)

Wendy (Gandi) — Thu, 11 Dec 2008 11:39:04 +0100

Hi Scott

Thanks for your input.

Yes Nominet's process is outdated. To be fair to Nominet they are aware of this and are addressing their paper based processes. In Feb 2009 they are changing their renewal process to an email only system rather than old fashioned posted forms! I would hope they'll address their transfer process shortly.

UK government theatens domain name industry, 'Get your house in order or we'll step in and take over'! - Scott Barnham

Scott Barnham — Fri, 05 Dec 2008 11:31:54 +0100

Much as I dislike government regulation of anything Internet related, I think Nominet is doing a lousy job.

I've had to transfer some .co.uk domains from other people recently and it is far more difficult and bureaucratic than transferring a .com. Nominet requires paper forms and an admin fee of GBP10 + VAT to change the whois details. Changing the IPS tag - i.e. transferring to another registrar - is not enough.

As an organisation, Nominet seems very bureaucratic and old-world. Their online system is weak. They require printed forms and company letterhead instead of simple emailed confirmation links.

I don't necessarily want to see the government step in, but I do want Nominet to get its act together.

Launching of .TEL - Full opening on March 24th at 4 PM (Paris time) - Nicolas (Gandi)

Nicolas (Gandi) — Wed, 03 Dec 2008 14:23:54 +0100

That's just the Sunrise price to protect your brand...price in march will be between 8 (E rates) and 14€

Launching of .TEL - Full opening on March 24th at 4 PM (Paris time) - Zhang

Zhang — Thu, 27 Nov 2008 08:25:53 +0100

It is true $130 Excl Tax? Very expensive domain name.

With $130, I can have a domain names, plus 1GB blog, plus 1GB Email (Referring to Gandi's), plus still have $115 saving on my bank account. Not just a single page showing my information.

But anyway, I would like to see how it work. If people uses it, maybe I'll try it.

Just my 2 cents.