Extended Validation Certificates
EV SSL: An introduction
Extended Validation certificate is a new type of expensive SSL certificate coming to a browser 7 near you before the end of January 2007 if you are using Internet Explorer. When, if or how other browsers are going to support EV certificates are not known at this time. Microsoft, Opera, Mozilla and KDE(not a browser, but...) are all members of CA/Browser forum and will - eventually - provide web browsers that can highlight websites with EV certificates.
What is the difference between today's certificate and EV certificates?
This comparison chart shows the differences between the two types of
certificates.
| Feature | Today's cert | EV cert |
|---|---|---|
| Price | You can get certificates all in all price ranges. | Will cost more as this the new, hot and secure certificate. |
| Validity of certificate | From one to three years. | Max 27 months, but the specification recommends 12 months validity. |
| Verification of certificate owner | Not much. You just need to document that you own the domain you request a certificate for. | There is a common procedure all EV certificate authorities need to comply to before issuing a certificate. The procedure seems to be somewhat vague at this point so there is a chance that there will be different procedure for each issuer. |
| Browser compatibility | You can get 99%-99.99% compatibility from most issuers. | EV certificates will use existing root certificates. At this point no there is no way to tell what root certificate the various issuers will use and compatibility is therefore now known at this time. There are requirements to be met for the root certificate, and these requirements are defined in the guidelines from CA/Browser Forum. |
| Wildcard certificates | Supported by many issuers. | Not supported. This is a requirement from CA/Brower Forum. |
Pictures of EV SSL sites
I found some pictures from Verisign with some pictures showing how IE will look on a site with a EV certificate. The pictures had to be sized down to display properly on this page, so you can click on the image to get it in full size.
And a site without EV certificate:
External links
-
http://www.instantssl.com/ssl-certificate-products/addsupport/ssl-evssl-twoyearpromo.html
- CA/Browser Forum.
- InstantSSL - my favorite issuer.
- Offer on EV certificates from InstantSSL.
- Tags: SSL, encryption, IE7, security.
posted by Helge Olav Helgsen @ 00:33
0 comments
links to this post
0 Comments:
Post a Comment
Links to this post:
Create a Link
<< Home