ÃÛÌÒTV

Product 02-21-2014

How the Green Bar in Extended Validation SSL Was Born

Flavio Martins

ÃÛÌÒTV is one of the original founding members of the CA/Browser Forum industry working group working to advance the requirements and guidelines for secure operations by Certificate Authorities around the world.

Guidelines set by the CA/Browser Forum are enforceable by globally accepted auditing organizations and the browser and operating system root store operators. ÃÛÌÒTV participates in this working group along with PKI professionals from Apple, Google, Microsoft, Mozilla, Opera, and other Certificate Authorities.

One of the industry changing developments in SSL security is the creation ofÌý (45 pages technical and operational processes) for EV SSL Certificates and the ÃÛÌÒTV Multi-domain EV SSL CertificateÌýthat secures multiple websites with one EV certificate.

When the Extended Validation guidelines were first proposed, there were no universally accepted standards for how validationÌýof identity should be done for anÌýSSL certificate. How each individualÌýbrowsers displayed the SSL secured padlock only added to the confusion of users looking for the trust indicators for online security.

The problem with cheap SSL Certificates

Although users can get encryption from free or cheap Domain-only Validated (DV) certificates, these type of certificates offer noÌýverification of the identity of the certificate holder. DVÌýcertificates are processedÌýwith automated systems that don't require human interaction for security or identity verification. Requesters of these certificate respond to an email and an SSL Certificate is issued.

Certificates with no identity assurance are frequently exploited byÌýscammers and are often used forÌýquestionable purposes.

High Assurance Trusted SSL Certificates

The high assurance, fully trusted SSL Certificates that ÃÛÌÒTV issues all include full identity verification. These Organization Validation (OV) certificates require organizations to undergo a background verification of their organization and web site.

With the number of SSL providers available, many users often ask why choose ÃÛÌÒTV? ÃÛÌÒTV validation processes streamlined the identityÌýverification process so that full high assurance Ìýis performed in a matter of minutes, but the verification practices can oftenÌýdiffer among the various SSLÌýproviders.

In our effortsÌýto createÌýExtended Validation, ÃÛÌÒTVÌýset out to ensure that all SSL Certificates online provideÌýthe three basic security services that all Internet users deserve:

  1. Trust that all SSLÌýproviders offer the same level of confidentiality
  2. Assurance of data integrity in communication
  3. Verification ofÌýthe identityÌýanÌýSSL Certificate owner

With Extended Validation, secureÌýInternet transactions and communications really can be safe for users as they ensure that the people you connect with online really are who they claim to be. Extended Validation-level verification preventsÌýbad actors from being ableÌýto trick innocent Internet uses.

Enterprise Benefits of Extended Validation

EV SSL Certificates ensure that users can communicate securely with a web site. Websites using an EV SSL Certificate gainÌýimmediate trust in the eyes of users as it reassures that data secure andÌýthe organization receiving the data is a reputable entity.

Since technical requirements prevent EV SSL Certificates from being forged, large enterprises especially benefit fromÌýusingÌýExtended Validation SSL Certificates as an easy anti-phishing indicator or that data being secured cannot be intercepted (man-in-the-middle) by a malicious 3rd party.

Extended Validation SSL Certificates adds an instant green bar as a visual indicator of trust online. Green isÌýgood, and EV isÌýa site you can trust.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-27-2024

6 actionable ways to secure the IIoT at every stage

Tracking the progress toward post-quantum cryptography

The state of PQC since the publication of FIPS 203, 204 and 205