Extended Validation Certificate

Extended Validation SSL Certificates (EV SSL; German as " certificates with extended check " ) are X.509 SSL certificates, the issue is bound to stringent award criteria. This refers mainly to a detailed review of the applicant by the certification body. The award criteria are specified in the "Guidelines for Extended Validation Certificates". The guidelines issued by the CA / Browser Forum, a voluntary group of CAs and browser vendors.

The certificates are usually used to secure Web applications via HTTPS and give the users in the context of phishing attacks, additional security, such as online banking.

Motivation

The primary objective of EV SSL certificates is to complicate Phishing encrypted and therefore secure at first glance websites. By introducing a new "extended" certificate and the green - stored address line of the browser user confidence should be strengthened in the secure connection to the desired sites.

The issuance of SSL certificates is in principle bound to a review of the applicant, the price pressure among providers but has led to a partially lax lending practices and simplified certificates that certify no more than the domain name. This also scammers SSL certificates can use to boost their credibility without having to reveal their identity.

Critics of the new standard in part the attempt of certification bodies to evade the price war in the SSL certificate issue by introducing a new premium product that brings little additional security the user, and this could be achieved by other means. Smaller providers could be disadvantaged business. In version 1.1 was partly tried to consider these objections.

User interface

In the address bar of the browser in addition, a box appears, certificate and domain owners will be displayed alternately with the certification authority ( for example, VeriSign or TC TrustCenter ) in the. In addition, depending on your browser 's address bar or a part thereof is dyed green. Internet users should be able to recognize even faster if the visited site is genuine and so better protect yourself against phishing attempts.

Browser Support

  • From Firefox 3: The advanced features of EV SSL certificates are supported by default in Firefox 3. The left part of the address bar is green.
  • Google Chrome: EV SSL Certificates are supported by default. The left part of the address bar is green and the organization name will be displayed in green next to a lock symbol.
  • From Internet Explorer 7: EV SSL Certificates are supported by default. The entire address bar is green. A user with administrative privileges can configure Internet Explorer so that other certificates are displayed as EV SSL certificates.
  • From Opera 9.5: EV SSL Certificates are supported by default. The right side of the address bar is green and the lock icon has a check mark in addition.
  • From Safari 3.2: EV SSL Certificates are supported by default. The organization name is displayed in green next to the lock icon.

Award criteria

To be allowed to issue EV SSL certificates, the certification bodies must undergo a self- check. The allocation of the allowances is linked, among other things, to the following criteria:

  • Establish the identity and the business address of the applicant
  • Ensure that the applicant is the exclusive owner of the domain or is an exclusive right of use has
  • Ensuring that the complaining people are empowered and that legally binding documents are signed by authorized signatories

An EV certificate may be issued for:

  • Authorities
  • Corporations
  • Partnerships
  • Registered associations
  • Individual companies
Webbrowser
321206
de