Extended Validation Certificate

Post Written by
Tamara Gapić
Last modified on July 2nd, 2020 at 1:49 pm

Regular SSL certificate doesn’t help cross-check the website's identity. It is easy to obtain online and there is no identity check by a human being.

At the same time SSL cert doesn’t request force https, so there might be mixed content on the website with files or pages with http and https protocols. That’s why when you click on the left part of the address bar you can see that additional information carries information that WEBSITE IS NOT FULLY PROTECTED.

EV SSL upgrades SSL validation processes with some of the highest standards in identity assurance of the legal entity.

All starts in 2005. when Comodo decided to found Browser Forum for making guidelines for CA (certificate authority – certificate issuer such as Comodo, GlobalSign, Lets Encrypt, etc). Guidelines must include:

• Establishing legal, physical and operational existence of the entity
• Confirming that entity has rights to use the domain mentioned in the application for cert.
• Confirming that request for EV cert. is authorized by the entity.

Ev SSL cert. has subject with public key X.509 Oids – longer and more complicated key means better protection (more complex encryption of the information exchanged between clients and the company).

How we recognize websites with EV certificate:

• Green address bar (EV certs. where company name is written in this bar are more expensive)
• Padlock
• https://

Benefits:

• business transparency
• information’s confidentiality – that builds a trust between company and the clients

NOTE

Lets Encrypt renews their certificates every three months automatically and that makes the problem to their users.