SSL WHO? Security – UPDATE

The Scoop:

2016 Google enacted a new policy on SSL Security Certificates.

SSL (Secure Sockets Layer) is the standard security technology for establishing an ‘encrypted link between a web server and a browser.’  

This link ensures that all data passed between the web server and browsers  remain “Private and Integral.”

The big hype reason for SSL is to assure security during transactions, specifically credit card transactions and personal information.

You can see the policy at work by looking to the top left of your URL.  There you will see either a lock with the word “secure” or a circle with an  ‘i’  in the middle, for “insecure.”

It’s a wonderful idea, but here is the truth of what is happening:

Large internet companies that have domain name owners or simply individuals who are affiliates are now requiring the affiliates to pay for the SSL certificate fees;  and then telling affiliates to put their personal name and address on the certificate;  except for the e mail address.  

For the e mail address, the domain name affiliate is told to put the large internet company’s  e mail address in the certificate area where the domain name owner’s e mail address should go.

Some large internet companies suggest putting the name of the large internet company as the administrator with no address.  The administrator is the administrator for a domain name and not a web site.

This passes off both the expense of the SSL certificate and the responsibility for any problems associated with the credit card transaction to the domain name affiliate.

However, at no time is the domain name ‘affiliate’ accepting the credit cards, or receiving any personal information.

When there is a problem with a transaction, the responsible party has now become “The Domain Name Affiliate.”

Large Internet Companies use up to 78% affiliate template pages in sales. 

When a domain name owner simply forwards their domain name to a template affiliate site created by the large internet company that accepts credit cards and personal information, the domain name affiliate has now become the responsible party for transactions and personal information gathered by the large internet company.

The large internet company name and address that took the credit card transaction is not given and is not encrypted on the SSL certificate.

The affiliate’s name and information is encrypted and only the e mail address of the large internet company conducting the transaction is given as ‘certified’ security.

This policy is causing major dis-information on the internet and creating more security problems with personal information and credit card numbers.


Large companies are being hacked.  Most recently a credit scoring company that gathered social security numbers and credit card numbers of 124 million users

and on this date that companies URL still reads that it is “secure.”

So, what good is the SSL certificate of encrypting information from web server and browser if the information is wrong and/or scrambled by crackers?  

Many hackers are what is known as ‘crackers.’  They claim their ‘cracking hacking’

is a joke and they scramble the information of large internet companies;

and the large internet companies don’t realize they have been ‘cracked’ for months, sometimes years.  It’s a type of attack and very popular.

The large internet company is cracked and hacked and all the information is taken and scrambled even when the web site reads that it is secure!  

At the time of Googles policy change of June 2016, SSL certificates were issued by respected and well known domain name companies for a fee of approximately $37 per year.  At the time of this writing (14 months later) several new pop up companies are issuing SSL certificates for only $4.99 and they are advertising themselves on Google.  

Dis-information violates Icann and most large internet company’s information system policies and yet, the large internet companies are telling domain name owners who are affiliates to break the large internet company’s own policies and the policies of Icann

 to “YIELD”to Google.


What is it called if Google and affiliates

are selling SSL certificates and SSL certificate companies?


Do SSL Security Certificates constitute “Security Fraud if filled out incorrectly or with false information intentionally withheld?”

Is it possibly inside trading by Google?  Do the companies now selling SSL Security Certificates advertise on Google?  Does Google benefit financially when these new companies pay for advertisement on Google?  Does Google own or control these companies and their growth in capital by accepting and ranking the ads?  And does that growth in capital benefit with more capital to Google?

Update Again:  11/30/17

Conversation with Godaddy regarding SSL and the CSR categories in which to put the data that will be encrypted with transactions.  I explain that the CSR form given to me by the large internet company, affiliate manager does not have the categories to separate the domain name holder and the large internet company’s information.

I further explain that putting my personal address and phone number creates dis-information and possibly holds me responsible for credit card transactions which I am not processing.  I also do not collect any personal information.  The Godaddy employee tells me that it’s very interesting and I need to ask my attorney.  I ask for a recommendation and am told I must call my own attorney.

The Godaddy employee also tells me that it would be interesting to hear back my attorney’s opinion since it’s important to keep up with legal information like this.

Well, gee?

I have also discovered that there are different CSR forms, apparently.  I am uncertain, but have found companies that offer SSL for “all your domain names” and for “business domains vs. personal domains.”  In addition, the fees are sky rocketing for all of this SSL security at approximately $250 – $425 per year.  Considering that the domain name cost $12 per year, this is quote a percentage.

If a company wants to consider having a “secure” “S” read on their url because it’s better for business, then large internet companies might want to consider actually knowing who is processing the credit card.

I have discovered even more shattering information.  Some large internet companies are not processing the credit cards but are out sourcing the transaction to processing companies.

In addition, I originally called Godaddy because in renewing a domain name using PayPal, Godaddy and other large internet companies no longer require their program to ask the user for their PayPal password.  In other words, transactions with PayPal can be made using only “the payment method.”

Godaddy explained it to me like using a credit card vs. a debit card.  A password is not needed when using a credit card, but is needed when using a debit card.

Well, how does that justify using PayPal then?  And a credit card requires “A Signature.”

Again, I come back to the only conclusion that I can derive from all this headache.  The conclusion is that no transaction is secure on the internet and that no user can be certain by any stretch of the imagination that their banking information is safe.

Google algorithm “so called” change to read httpS, The “S” meaning that there is encrypted data to help keep monetary transactions safe in what is called an “SSL” is a very faulty system.

After I have personally verified that there are multiple CSR forms with different categories to fill in on templates, SSL companies offering “Private Keys” which keep the encrypted data ‘Private’ until subpoenaed and Large Internet Companies shirking responsibilities off to their affiliates, I report that this entire system is going to fail and it is going to fail at a maximum economic level.

Users will still need to “subpoena” information when a transaction goes wrong and they will have trouble finding the “service address” in order to serve a petition of complaint.  And even after filing and serving a complaint, the user who was wronged will still not be certain that they are filing and serving the correct party.

With out sourced companies conducting transactions, domain name owners paying for SSL and private keys while providing their own personal information, and then forwarding urls to affiliate template pages;

Most people do not even understand most of this article or what I am describing.  How can any reasonable person believe that this is going to create a “Safer System?”




Update:  11/28/2017

I have Generated a ‘basic’ CSR to discover what is on the form and what will be ‘verified’ and put on the encryption of the credit card transaction and collection of personal data.

The template reads the following with the ‘given example answers’ in parenthesis:

Country  (US)

State  (Texas)

Locality  (San Antonio)

Organization  (Big Bob’s Beepers)

Organizational Unit  (Marketing)

Common Name  (

The information given in the CSR form will be encrypted with a private key (size 2048) on the SSL Certificate.  The private key is then held by the SSL certificate holder to be given out only when requested and to ‘assure security’ of the information on the SSL certificate.

Here is what Godaddy describes as an SSL Certificate:

Please note that Godaddy url reads httpS (meaning secure site) without being logged in.

Please note that Godaddy url reading httP (without the ‘S’) logs onto the same page.

Here is Google search for ‘SSL”….0…1.1.64.psy-ab..…0.g2tlPdnhn1o

Prices are from $87-$425 per year depending on features of multiple domain names and/or with private key to keep data private.  Question, if I hold the key to keep data private, and I can keep that data from credit card transaction users, how does that increase security?

I have filled out the ‘basic’ CRS form and submitted it to several sites.  Their program continues directly to their credit card payment to be received.  I am expected to accept ‘their security with my credit card information’ to get an SSL to show that I am safe to use for a credit card transaction.

Now, how does anyone with knowledge in securities not notice this house of cards?

If I trust a company with my credit card information for an SSL, and that company is not legitimate, they simple give me an SSL that I pass on to my domain name registrar.

And if I use paypal,  sites are now holding “payment” information for paypal…

Copyright 2000 Peggy Penny, accredit Sociologist, Cal Poly Tech University.




Dated:  March 18, 2017

“The Fake News” is a virus called, “The Propaganda Virus.”


Eliminating data and causing general ciaos around the world.

A synchronized internet viral attack and threat (Ransom Virus) of the world’s internet information is going on right now.

Government limited bandwidth to prevent civil unrest and up risings in the world today. The virus attack has “an agenda”

Limiting Countries, people from sharing art, knowledge, education, ideas music, technology and the whole zoo because the linex mac based virus has a political agenda.


A Social Report  on Two New Major Internet Policies


Net Neutrality Policy One (1) :

The policy set restrictions on internet service providers that prevent them from prioritizing web traffic and slowing down content. Supporters say it created a level internet playing field. But the broadband industry sees the rules as over-regulation.

Federal Communications Commission (FCC) unveiled the plan for

“rolling back net neutrality.” 

Undoing net neutrality would mean big changes for how customers access the internet, the plans and services that broadband companies provide, and how web companies reach their consumers.

Net SSL Security Policy Two (2) :

This policy includes SSL, Security, Domain Names, Credit Card Companies and Financial Institutions’ costs to Individuals rather than large internet companies.

Internet Companies that offer individuals a percentage of sales by becoming

“Affiliates and/or Co-Brands” are now “Requiring” domain name owners who are marketing THE INTERNET COMPANY’S PRODUCTS to pay for domain names,

SSL certificates and Security fees;

even though affiliates, co-branders and marketers are

                                            NOT taking


“Rolling back net neutrality” makes it easier for group criminals to set up fake sites to lure individuals into becoming affiliates and co-branding marketers who are being ‘set up’ to take the responsibility;  while group criminal gain large data of credit card numbers.

Credit card companies and individuals are going to have to cover the cost and the fake credit charge losses when group criminals run up charges, and sell credit card numbers to other group criminals.

The Domain Names, SSL fees, Security fees and credit card loss approximates at

   $8.5 Trillion in US Dollars in the next three years


The Nov. 1, 2016   “Large Search Engine Conglomerate Company” ranking policy creates


‘SSL Certificates’ are simply the domain name company verifying the correct name and address of the domain name owner.  ‘Security’ keeps personal information private.  To obtain the ‘secure’ information to challenge credit card fraudulent charges, the domain name company has to be subpoenaed to give out the ‘secured’ information.

Unhappy customers will have to first subpoena the domain name company to get the address and phone number of the domain name owners;

Then subpoena the domain name owner to hold them responsible for unhappy credit card transactions.  Most people will simply report the credit card charges as fraudulent and the credit card companies and/or financial institutions will begin having to take the significant losses.

The Large Internet Companies and Group Criminals thereby escape responsibility while individual’s bandwidth access will give internet customers MORE access to fraudulent data and criminal activities by preventing them from prioritizing web traffic and slowing down content.

These two policies combined will “CREATE”    “An Economic Wave”

of “Dis-Information Data” and

Significant loss to credit card companies, financial institutions and to the individuals who have become affiliates and/or co-branders, plus individuals who will be forced to pay the fraudulent credit card losses and costs while their opportunities to access secure sites becomes diminished by net neutrality bandwidth.



How Taking $8.5 Trillion in The Market” in SSL fees, Security fees and in untraceable credit card charges is an estimate $8.5 Trillion in US Dollars annual which will take full effect in the next three years;

HOW it will be creating  “DIS- INFORMATION- DATA” and

How the losses and the “Responsibility” of costs will be on

“Individual International Citizens” and “Credit Card Companies / Financial Institutions.”



Let’s multiply the cost ($37.00 per year, sold 3 years at a time at $111)  for SSL certificate from a Large Domain Name Company which sells domain names for $14.99 per year and annual security fees of $88 per domain name.

( I divided by 3 to calculate the annual cost of SSL certificates)  Then, add the cost of annual security fees and the annual cost of the domain names)

Multiply $37.00 by  The International Census Stats on how many small international domain names are sold annually to be used on  The World Wide Web

being approx 500 million

$37.00 ( SSL Certificate annual cost)   x  (500 million) =  $18,500,000,000.00  (2 Trillion)


$14.99 (Domain name annual cost) x (500 million) = 7495 …  (1.5 Trillion)

$88.00 (Security annual cost) x (500 million) = 44000 …  (5 Trillion)  Which includes credit card and financial institution costs and losses from large group criminals collecting credit card data.


Approximately $8.5 Trillion in U.S. Dollars annually.   I estimate it will take three (3) years for these two policies to take full effect on the internet and for other large search engine companies to also change in policy.

(I use this estimate time frame from the information given to me that SSL Securities are being sold three (3) years at a time.)

$8.5 Trillion in U.S. Dollars per year.   You can calculate it in YEN if you want.

To ease the costs would entail personal and small business’s  “SECURE SERVERS” which was the issue with Hillary Clinton’s e mail.     Do you remember that issue?  Oh yeah, that…  Yet with the bandwidth slowing down content, how is a personal server going to help?

As soon as a victim, regardless of their bandwidth;  files a complaint with a domain name company, or credit card company, the companies immediately notify the offenders that a complaint has been filed.

The offender simply transfers their domain name to another domain name company and again purchases “privacy and security” from another domain name company.

And around and around and around the victim goes…  so they report the fraudulent charges to their credit card company who have to write it off, or make the individual responsible for the costs because the individual cannot figure out who took their credit card and personal information.

While the offenders gets away with:

Other people’s personal information,

Bank account and credit card information,


Hate crimes,

Sex crimes,

Stalking crimes and Basic fraud.



I would to also ask if this is inside trading?  Since Large Conglomerate Companies are creating policies to benefit and/or to cost their affiliates and co-branding companies… while limiting access for individuals and creates dis information data.





Copyright 2000 Peggy Penny – all rights reserved-opt out

Peggy Penny is an accredit Sociologist, Cal Poly Tech University.

Protected: Understanding “Poly Viral Attack” aka: “Panic, Propaganda and/or Ransom” Attacks

This content is password protected. To view it please enter your password below:

Protected: Misusing the 1st Amendment

This content is password protected. To view it please enter your password below: