Well, sometimes the David wins against the Goliath.
In this case, I am the David and the Goliath is the 800-pound-internet-gorilla-Black Monolith-Evil-Empire Network Solutions SSL Certificates Verification Department.
As you may remember in my NTIA Revokes NeuStar Private .US Domain Registrations article, I provided an update on my dealings with Network Solutions and my new hosting agreement with them in a comment to my own post:

I made my server switch to Network Solutions — I’m
still fighting with them over database speed, BTW  they say it’s
fine and I say it’s 10 times slower than my previous host.

I also
told them I could go across the street and get a commercial Comodo SSL TrustLogo Seal for half the price and the only ID I needed was my credit card verification. I’m still waiting for my NelSol SSL refund.

I was surprised yesterday when I received an email confirmation that my
Network Solutions Site Seal was installed and ready to use even though
I refused their requirement to hand over more paper proof of my
identity!
I guess they didn’t want to refund my $70 after all.

Perhaps they
bought my argument that their Site Confirm policy was silly and a whole
new threshold for identification was put in place.
The Network Solutions Site Seal is installed using two pieces of
JavaScript code in your web page. The first piece plugs into your
HEADER tag and the second is placed in the BODY area. My seal is good
for http://boles.com only.

NetSol Seal

You can head over there now and see the seal looks like this: When you hover your mouse pointer over that seal, the following box pops up:

NetSol Seal

That
Seal and confirmation are hard-coded on the server so even if someone
looks at my raw HTML to steal the Seal code it will not work on any
other domain. Network Solutions did the setup and the install for me on
the server side. All I had to do to get the Seal to work on my site was
copy and paste some JavaScript code into my HTML pages and load it on
my server.
The Seal only confirms I am a known entity to Network Solutions.

It is
not an SSL Commerce Seal that I would use to process payments. A
payment processing Seal is a different beast and should require harder
identification. A commercial-use SSL Seal costs a lot more money.
I have always liked that kind of third party server-side Seal because
it identifies you as a person of record and it means there is a hard
trail confirming you have been trusted in the past. That kind of
reassurance can help settle nerves and assuage any fears people who
want to work with you might hold when they meet you for the first time
on the internet.

The innate want of human nature is to believe in people until they
prove you wrong — unfortunately, on the web, the reverse must be true
until proven otherwise — the Network Solutions Site Seal helps confirm
our humanity by supporting the initial human instinct to believe in
people and not machines.

7 Comments

  1. Hey Joe!
    Right you are, my friend! SSL and high-bit encryption means nothing in the overall scheme of security on the web. I do think, however, that with the ID hoops Network Solutions makes you jump through to get an SSL cert you are more protected doing business on a NetSol bugged site than you are on a site without one.

  2. Hello Dave!
    Thank you for the kind support! It has been a difficult two weeks trying to get satisfaction on the Site Seal issue. Lots of email. Lots of calls. Lots of re-direction to write to *this* email address instead of *that* email address followed up with “are you really, really, sure you want to cancel?” and then getting the Seal approved anyway…
    I just received an email from an actual person Network Solutions (and not a reply robot) telling me they were cancelling my Site Seal — so this saga may not yet be over!
    I will keep you posted.
    Yes, I think you should do an entire blog entry on your newfound friend who is a now person of record. 😉

  3. It has been an interesting experience dealing with Network Solutions. They have great promise as a web hosting service but they need to get customers direct access to the precise person who can help them get the problem resolved.
    Right now you do a lot of interacting with auto-responders if you email and if you call you get super-friendly people who really can’t do anything but take a note to pass on to engineering.
    You can’t ever speak directly to a Tech — and that’s too bad because having that kind of access would save so much time because you would not longer have to be filtered by someone else’s perception/misperception of the problem.