With online transactions, an SSL (Secure Socket Layer) certificate gives users some confidence that they've connected to the site that they think they've connected to. SSL also encrypts the transaction.
Yesterday morning, I learned that the SSL certificate for sarahpacdonate.com would expire that afternoon:
This morning, the certificate has indeed expired:
What does SarahPAC's certificate provider say about this?
That last image was obtained by clicking on the Trustwave "Click to Validate" button at sarahpacdonate.com. To do that, you will have to override your browser's warning that sarahpacdonate.com hasn't a valid certificate. Not recommended! If your browser doesn't warn you, something may be wrong with your browser.
What's the takeaway? Without a certificate issued by a Certificate Authority (CA), there are these problems: 1) No CA verifies that SarahPAC operates sarahpacdonate.com; 2) No CA has records indicating that SarahPAC is a valid entity; 3) Users of sarahpacdonate.com cannot be sure that their credit card and identity information are secure.
There may not be a lot of readers of this blog who are SarahPAC donors. If you're not a donor, there is no need to worry -- it may even be good for a laugh. It certainly indicates that SarahPAC is disorganized.
Don't trust sarahpacdonate.com without a valid certificate. Wait! What am I saying? Don't trust it even if it renews its certificate, unless you want to pay for Palin family vacations! Hahaha.
Note: All of the images can be enlarged by clicking on them.
For comparison, here is what clicking on the Trustwave "Click to Validate" button yielded yesterday when the certificate was valid:
Update: 27 October, 2011 ... sarahpacdonate.com appears to have renewed its certificate! What took them so long?
BBC One gets it.
1 hour ago