Public key certificates play an essential role in PKI-based security systems. In protocols such as HTTPS, a certificate can be used to build the trust relationship for the client browser. There are different types of certificates, each one providing a level of trust to the client. The simplest one is the Domain Validated (DV) certificate, which is issued if the CA ensures that the requester controls the domain name. The next type is called the Organization Validated (OV) certificate, which provides more trust since the CA verifies the business behind the requesting website and provides the company name in the certificate. The highest level of trust is provided by Extended Validation (EV) certificates, where the CA requires extra documents to verify the requesting business.
The benefit of EV certificates compared to OV and DV ones was the way web browsers treat them. That is, depending on the browser, the address bar became green and the company name was displayed before the URL. These visual signs were aimed to help the users recognize fraudulent websites.
However, the visual signs of EV certificates are no longer supported by major browser vendors as mentioned by Troy Hunt. It seems that the major benefit of EV over other types of certificates is disappeared.
No comments:
Post a Comment