Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Browser Certs Can't Force Adherence


Extended Validation certificates, developed by the CA/Browser Forum, are supposed to ensure that an SSL-enabled Web site is a legal entity and communicate that fact to users and, in doing so, help protect them from phishing and fraud.

The CA/Browser Forum is a vendor consortium made up of public CAs, such as Comodo, GoDaddy, RSA and VeriSign, as well as Web browser developers like the KDE Project, Microsoft, the Mozilla Foundation and Opera Software.

The use of digital certificates for SSL in browsers is fundamentally flawed, leading to easy confidence games like phishing and fraud. EV certificates are issued to Web sites after the company has been identified as a legal entity using a set of standardized procedures followed by all participating certificate authorities. Unfortunately, EV certificates don't significantly mitigate the problems with digital CAs and don't address the problem of authoritatively identifying a Web site as legitimate. But if EV certificates gather credibility with users, your organization may be forced into applying for one.

Consumers and enterprises alike are rightly concerned with privacy and security when conducting business on the Internet. Without the familiar setup of the brick-and-mortar world, it's difficult for users to judge the validity of Web sites with which they do business.

Extended Validation certificates, developed by the CA/Browser Forum, are intended to allay some of those concerns by certifying sites that are valid business entities.

The CA/Browser Forum's EV certificate guidelines standardize the scrutinization of certificate applicants and require EV CAs (certificate authorities) to pass a "WebTrust for CA" audit. And EV certification is making its way into the mainstream; the CA/Browser Forum's EV guidelines aren't final, but Microsoft's Internet Explorer 7 already supports EV certificates.

  • 1