 |
SSL Certificates FAQ
|
|
|
Extended Validation SSL
Extended Validation SSL Certificates are a
direct response to the rise in Internet fraud, which erodes consumer
confidence in online transactions. In 2005, 84% of respondents to a
Forrester Research study said they don’t think retailers are doing enough
to protect their customers online and 24% did not make purchases online
due to security concerns.* Before customers share their confidential
data online, they want proof of identification from a trusted source.
The High Assurance SSL standard raises the bar on verification of SSL
certificates and adds visual displays to high security browsers.
Questions
What
is Extended Validation SSL?
What
is the Extended Validation Standard?
How
will Extended Validation SSL increase consumer confidence?
What
are the benefits of Extended Validation SSL to Web site owners?
Who
is eligible to receive an EV SSL Certificate?
Where
can I buy a Extended Validation SSL Certificate?
What
type of additional documentation is required?
Can
I renew SSL Certificates and add the Extended Validation Standard?
What
is EV Upgrader™ and how does it work?
Answers
What is Extended Validation
SSL?
Extended Validation SSL Certificates give high
security Web browsers information to clearly identify a Web site’s organisational
identity. For example, if you use Microsoft® Internet Explorer 7 to
go to a Web site secured with an SSL Certificate that meets the Extended
Validation Standard, IE7 will cause the URL address bar to turn green.
A display next to the green bar will toggle between the organisation
name listed in the certificate and the Certificate Authority (VeriSign,
for example). Firefox and Opera have announced their intention to support
Extended Validation SSL in upcoming releases. Older browsers will display
Extended Validation SSL Certificates with the same security symbols
as existing SSL Certificates.
What is the Extended Validation
Standard?
To purchase a Extended Validation SSL Certificate,
an organisation has to go through a validation process that meets the
Extended Validation Standard established by the CA/Browser Forum (soon
to be released). In addition to confirming domain name ownership, the
process will likely include authenticating the authority of the contact
person requesting the certificate, verification of the business with
government or third party business registries, and other methods.
How will Extended Validation
SSL increase consumer confidence?
As people use the Web for commerce, business,
and social activities, they share personal and confidential information.
High profile incidents of fraud and phishing scams have made Internet
users very concerned about identity theft. Before they enter sensitive
data, they want proof that the Web site can be trusted and their information
will be encrypted. Without it, they might abandon their transaction
and do business elsewhere. High security browsers and Extended Validation
SSL Certificates provide third-party verification using a visual display
that gives consumers confidence and builds trust in e-commerce.
What are the benefits of Extended
Validation SSL to Web site owners?
An Extended Validation SSL Certificate helps
your visitors complete secure transactions with confidence and puts
your organisation in a leadership position. If your site has the “green
bar” in IE 7 and your competitor’s site does not, you appear to be more
trusted and more legitimate. That’s a competitive advantage in the world
of e-commerce. For businesses with a high profile brand, using Extended
Validation SSL is an effective defence against phishing scams. When
customers see the green bar and other displays of trust, they can interact
with you online, with confidence.
Who is eligible to receive
an EV SSL Certificate?
The CA/Browser Forum dictates what kinds of
entities are eligible to obtain EV Certificates. The following entities
are eligible provided they are currently registered with and approved
by an official registration agency in their jurisdiction. The resulting
charter, certificate, license or equivalent must be verifiable through
that registration agency.
- Government agencies
- Corporations
- General partnerships
- Unincorporated associations
- Sole proprietorships
The employment and authority of the person
placing the certificate order must be verifiable. These business entities
need to have a confirmable physical existence and business presence.
Any assumed business names should be verifiable. A principal individual
associated with the business must be validated and that person must
confirm agreement to the certificate subscriber agreement. The
entity cannot be located in a country where VeriSign is prohibited from
doing business or listed on any government prohibited list such an embargo
restriction.
Where can I buy a Extended
Validation SSL Certificate?
VeriSign offers Extended Validation SSL Certificates
for purchase as individual certificates and in multiple certificate
packs through our Managed PKI for SSL service for the enterprise. The
most secure and trusted option for SSL is a true 128-bit, Extended Validation
(EV) SSL Certificate. Look for Secure
Site Pro with EV or Managed
PKI for SSL Premium with EV.
What type of additional documentation
is required?
A legal opinion letter confirming that the
requestor has the authority to obtain an SSL Certificate on behalf of
the company must be submitted to VeriSign. The legal opinion letter
also may be used to confirm the organisation registration, organisation
address, telephone number, domain ownership, and that the organisation
is conducting business. Once confirmed, the requestor may be able to
purchase additional SSL Certificates based on the original letter. If
a legal opinion letter cannot be obtained, Our Certification
Practice Statement outlines alternate authentication and
verification processes.
Can I renew SSL Certificates
and add the Extended Validation Standard?
When you renew individual SSL Certificates,
look for the upgrade to Extended Validation. Due to the additional steps
in the verification process, enrolment may take longer than traditional
SSL Certificates. Managed PKI for SSL accounts must be pre-qualified
to request Extended Validation SSL Certificates before traditional certificates
may be converted to EV. To upgrade SSL Certificates to Extended Validation,
contact VeriSign.
What is EV Upgrader™ and how
does it work?
EV
Upgrader ™ is the first ever technology that enables all
IE7 on Windows Vista and XP client systems to display the green address
bar, organisation name, and other Extended Validation interface conventions.
EV Upgrader works by prompting existing root update functionality in
IE7 for Windows XP on visiting client systems and therefore enabling
the IE7 client to 'recognise' the SSL Certificate's EV status. In the
absence of the root update, no Windows XP client can ever see the green
bar on your site.
Once a given client system has a specific EV
SSL root installed (by way of EV Upgrader or manual installation, from
the Microsoft Web site, by the user) that client will experience 'green
bar' behaviour whenever connecting to a valid EV SSL Certificate on
that same root. Note that this root installation affects only the root
in question and does not enable that client for EV behaviour with any
other root. Learn
more about EV Upgrader.
*Lauri Giesen,
”Hand-holding:
Fraud-weary consumers look for the seal of approval,” Internet
Retailer, March 2006.
|
|
