Monday, 7 May 2012

Breaking down the SSL Certificate Classifications [Part 3 of a 4 part series]

If you've come to our GlobalSign website or been approached by any of us, you've probably seen the term SSL. We've started a four part series where we blog about SSL Security and what it means for you. Stay tuned each week as we break down SSL into bite-sized bits. 

This week, we'll introduce the various types of SSL Certificates that we offer:

What are the types of SSL Certificates?
Over the last few years the number of organisations using SSL Certificates has increased dramatically.  The applications for which SSL is being used has also expanded.  For example:

  • Some organisations need SSL simply for confidentiality, e.g. encryption
  • Some organisations wish to use SSL to enhance trust in their security and identity,
    e.g. they want to show customers they have been vetted and are a legitimate

As the applications for SSL have started to become wider, three types of SSL Certificate have emerged:

Extended Validation (EV) SSL Certificates:  where the Certification Authority checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organisation.   The issuance process of EV Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007, that specify all the steps required for a Certification Authority (CA) before issuing a certificate, and includes:
  • Verifying the legal, physical and operational existence of the entity
  • Verifying that the identity of the entity matches official records
  • Verifying that the entity has exclusive right to use the domain specified in the EV Certificate
  • Verifying that the entity has properly authorized the issuance of the EV Certificate

EV Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. A second set of guidelines, the EV Audit Guidelines, specify the criteria under which a CA needs to be successfully audited before issuing EV Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.
  • Organisation Validation (OV) SSL Certificates:  where the Certification Authority checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organisation.  Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visbility in who is behind the site and associated enhanced trust.
  • Domain Validation (DV) SSL Certificates:  where the Certification Authority checks the right of the applicant to use a specific domain name.  No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal.

1. Extended Validation: GlobalSign ExtendedSSL

The latest, and possibly most significant, advancement in SSL technology since its initial inception follows the standardized Extended Validation guidelines.  New high security browsers such as Microsoft Internet Explorer 7+, Opera 9.5+, Firefox 3+, Google Chrome,  Apple Safari 3.2+ and iPhone Safari 3.0+ identify ExtendedSSL Certificates as EV Certificates and activate the browser interface security enhancements, such as the Green Bar.  For customers who wish to assert the highest levels of authenticity, ExtendedSSL is the ideal solution.  
Extended Validation EV SSL Example

2. Organisation Validation: GlobalSign OrganizationSSL

GlobalSign has been issuing organisation validation Certificates for 10 years.  Companies applying for OrganizationSSL have their company details vetted before issuance.
Standard SSL Example

3. Domain Validation: GlobalSign DomainSSL

DomainSSL Certificates are fully supported and share the same browser recognition with OrganisationSSL, but come with the advantage of being issued in only 5 minutes and without the need to submit company paperwork.  This makes DomainSSL ideal for businesses needing a low cost SSL quickly and without the effort of submitting company documents.  
Standard SSL Example
To round off the last of our four part series, we'll introduce some additional features that come with your SSL Certificate order.

Stay tuned!