CertSimple 5: DBA support, instant rekeying, flat pricing

Author here: if people aren&#x27;t familiar with webcrypto (<a href="https:&#x2F;&#x2F;developer.mozilla.org&#x2F;en-US&#x2F;docs&#x2F;Web&#x2F;API&#x2F;Web_Crypto_API" rel="nofollow">https:&#x2F;&#x2F;developer.mozilla.org&#x2F;en-US&#x2F;docs&#x2F;Web&#x2F;API&#x2F;Web_Crypto_...</a>) it&#x27;s a way to do real crypto, using the OS and openssl &#x2F; boringssl (Google&#x27;s openssl fork). I.e., it&#x27;s not &#x27;JavaScript crypto&#x27;, but actually has proper randomness, hence properly unguessable keys. When we make keypairs with webcrypto, the private key never leaves the browser, so CertSimple doesn&#x27;t know it.<p>That said, if a user prefers to make keys on their own machine we create a custom bash &#x2F; powershell script to create the necessary CSR and private key in a single paste - no clicking, no Q and A, and without installing anything.

Any stats on A&#x2F;B testing at scale for EV certs v.s. non-EV? I&#x27;m sure it would vary by industry but I&#x27;m curious if anyone has shown that it&#x27;s statistically worth it in their particular situation.<p>A pretty green bar with your company name is great and all but is it actually worth it? It&#x27;s not just the couple hundred dollar price tag of getting the EV cert. It&#x27;s the maintenance of having to manually replace it every N years v.s. automating the deployment via something like LetsEncrypt.

It&#x27;d be nice if CertSimple had a LetsEncrypt (obviously with some kind of auth - perhaps based on a secondary private&#x2F;public key pair unrelated to the certificate(s)?) style tool to allow issuing&#x2F;renewing certificates for a known account.<p>I understand that the initial proof of entity needs some human involvement on our end, but surely once it&#x27;s proved, renewals could be automated?

Can these EVs be used for binary&#x2F;exe signing ? And what about individual developers i.e. not a company