http://www.webhostingsecretrevealed.com/web-hosting-knowledge/the-rationale-behind-extended-validation-ev-ssl-certificates/ Hosting up a new website? Read our unbiased review and helpful how-to guides on web hosting services. Tue, 07 Feb 2012 16:16:53 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://www.webhostingsecretrevealed.com/web-hosting-knowledge/the-rationale-behind-extended-validation-ev-ssl-certificates/comment-page-1/#comment-6470 Uli Gue Sun, 24 Oct 2010 04:27:01 +0000 http://www.webhostingsecretrevealed.com/?p=2667#comment-6470 No. According to documentation available at CabForum, EV certificates does not provide a safe checking of certificate, because the browser believes at OCSP host provided by certificate. OIDs inserted are not verified because there is none trusted service, unless interactive ones thought IANA, able to verify that OID. The only "safe" implemented is a "trust", under commercial point of view, between enterprises involved at EV project. All of them are related at cabforum site (www.cabforum.com). Mozilla products, for instance, inserts a list of embedded TRUSTED CAs, that are the same for NON EV CAs. So, under technical point of view, there is not improvements, but a "big commercial deal". Once the number of Certificates Providers increases at Internet at last 10 years increasing the competition, Certificates Providers had lower profits, which resulted in the EV proposal. No. According to documentation available at CabForum, EV certificates does not provide a safe checking of certificate, because the browser believes at OCSP host provided by certificate. OIDs inserted are not verified because there is none trusted service, unless interactive ones thought IANA, able to verify that OID. The only “safe” implemented is a “trust”, under commercial point of view, between enterprises involved at EV project. All of them are related at cabforum site (www.cabforum.com).
Mozilla products, for instance, inserts a list of embedded TRUSTED CAs, that are the same for NON EV CAs. So, under technical point of view, there is not improvements, but a “big commercial deal”. Once the number of Certificates Providers increases at Internet at last 10 years increasing the competition, Certificates Providers had lower profits, which resulted in the EV proposal.

]]> http://www.webhostingsecretrevealed.com/web-hosting-knowledge/the-rationale-behind-extended-validation-ev-ssl-certificates/comment-page-1/#comment-5998 Joseph A'Deo Tue, 10 Aug 2010 21:39:44 +0000 http://www.webhostingsecretrevealed.com/?p=2667#comment-5998 Thanks for the EV notes in this article. At VeriSign we also discuss the strength of the green url bar itself -- it's unspoofable by hackers, so it cuts down on phishing attempts quite a bit. Any "fake" sites built to purloin customers' private info can easily be spotted by the lack of green in the url bar if one's legit site happens to be encrypted with extended validation ssl. Just another reason to protect one's webpages in this manner, and foster a trustworthy relationship with potential buyers. Thanks for the EV notes in this article. At VeriSign we also discuss the strength of the green url bar itself — it’s unspoofable by hackers, so it cuts down on phishing attempts quite a bit. Any “fake” sites built to purloin customers’ private info can easily be spotted by the lack of green in the url bar if one’s legit site happens to be encrypted with extended validation ssl. Just another reason to protect one’s webpages in this manner, and foster a trustworthy relationship with potential buyers.

]]>