Guide to EV SSL: Validating the Certificate Authority
The CA/Browser Forum has a stringent set of standards and requirements that certification authorities must follow, in order to keep their EV SSL certification.
With the WebTrust audit process, the CA/Browser Forum is able to guarantee the reliability of the EV SSL certificate authentication requirements for all CAs.
Administered annually, the audit consists of a lengthy requirements checklist (parts of which are covered earlier in this article), which can be found in its entirety at the CA/Browser Forum website.
WebTrust Audit Guidelines
If a CA passes the audit, not only can the CA confirm that it is validated to distribute certificates, but a separate WebTrust for Certification Authorities can also be applied.
If the CA fails the WebTrust audit, that CA may lose the EV status in the selected browser manufacturers' Trusted Root Store.
In addition, if a CA does not pass the annual audit, all of its EV SSL certificates will be revoked.
Then, anytime the websites are accessed, the address bar and status bar will turn red, instead of green, and the EV SSL status will be downgraded to the traditional SSL. End-users that visit the non-EV SSL sites will do so at their own risk, as the site will no longer be recognized as EV SSL compliant.
The CAs maintain a list of revoked certificates that is checked on the spot, every time an end user visits an EV-secured web site.
IE 7.0, Firefox and Opera are currently developing and implementing technologies to help an end-user know whether a certificate has been revoked.
All of the above browsers offer anti-phishing filters, which give the end-user a way to know whether the EV SSL certificate is valid, whether the site is suspicious, or whether the site is dangerous.
- Green Address Bar: Valid EV SSL certificate.
- Yellow Address Bar: Suspicious site, use caution.
- Red Address Bar: Dangerous site, do not proceed with sending any sensitive material.
Trusted Root Certificates and Online Certificate Status Protocol
CAs issue Trusted Root Certificates, so end-users can identify SSL-based web sites, secure email senders and other systems.
To check whether an individual EV SSL certificate has been revoked, end-users can use the Online Certificate Status Protocol (OCSP), which allows them to query the CA data repository for the status of any certificate.
IE7 and other recent browsers support the OCSP feature. This functionality can be activated directly or it can be activated when the Phishing Filter is enabled.
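What an OCSP query actually contains, as an added example that is not part of the original article: the sketch below builds an unsigned OCSP request (RFC 6960) and its HTTP GET form using only the Python standard library. The issuer name, key bytes, serial number and responder URL are constructed placeholders, not values from a real CA.

```python
import base64
import hashlib
from urllib.parse import quote

# AlgorithmIdentifier for SHA-1 (OID 1.3.14.3.2.26, NULL parameters), pre-encoded.
SHA1_ALG = bytes.fromhex("300906052b0e03021a0500")

def der(tag: int, body: bytes) -> bytes:
    """Encode one DER tag-length-value element."""
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + body

def der_int(value: int) -> bytes:
    """Non-negative INTEGER, sized so the sign bit stays clear."""
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def cert_id(issuer_name_der: bytes, issuer_key_bits: bytes, serial: int) -> bytes:
    """CertID: hashes of the issuer's name and public key, plus the serial."""
    return der(0x30, SHA1_ALG
               + der(0x04, hashlib.sha1(issuer_name_der).digest())
               + der(0x04, hashlib.sha1(issuer_key_bits).digest())
               + der_int(serial))

def ocsp_request(cid: bytes) -> bytes:
    """OCSPRequest > TBSRequest > requestList > Request > CertID, unsigned."""
    return der(0x30, der(0x30, der(0x30, der(0x30, cid))))

def ocsp_get_url(responder_url: str, request_der: bytes) -> str:
    """HTTP GET form: responder URL + URL-encoded base64 of the DER request."""
    b64 = base64.b64encode(request_der).decode("ascii")
    return responder_url.rstrip("/") + "/" + quote(b64, safe="")

# Constructed sample inputs (not from a real CA): issuer Name "CN=Demo CA",
# placeholder public-key bytes, a made-up serial, a hypothetical responder URL.
ISSUER_NAME = der(0x30, der(0x31, der(0x30,
                  bytes.fromhex("0603550403") + der(0x0C, b"Demo CA"))))
ISSUER_KEY = bytes(range(64))
SERIAL = 0x0A1B2C
RESPONDER = "http://ocsp.example.test"

if __name__ == "__main__":
    req = ocsp_request(cert_id(ISSUER_NAME, ISSUER_KEY, SERIAL))
    print(req.hex())
    print(ocsp_get_url(RESPONDER, req))
```

The request carries only the issuer hashes and the certificate serial number, so the responder learns which certificate is being checked without receiving the certificate itself.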