The purpose of an SSL certificate is to secure the transfer of information sent between a web server and web browser. Checking to see if the requester of a certificate is legitimate is beneficial to the user and a business. When SSL certificates are purchased, there are three ways to perform the validation.
Organizational Validation
Multiple sources of information are checked for a business. This is done to ensure that information found about the names of the business and who owns and runs the business (the whois record) matches with registration of the business. Another check is done to ensure that these details match with local business listings. When all of the required information matches, the business is issued a certificate. A certificate that is issued using an organizational validation method will ensure the certificate is properly verified. This allows an online user to see any information that is needed to verify identity of a business. The user will see an indicator on their browser that a site has been issues an SSL certificate.
Domain Validation
One of the most affordable SSL certificate validation methods is by domain validation. This is a type of validation that is done at the domain level. The process is started by sending an email to an account that is associated with the domain. This is to check if the recipient is the person controlling the domain. The use of email does not guarantee that this person is the legitimate owner of the domain. A phone call can also be made to a person associated with the domain name to perform the validation. Information that is contained in the registrant or whois record is used to contact the domain owner. Issuance of a certificate using this method ensures that a company or business has been properly verified. A user will also find a specific type of indicator in their browser.
Extended Validation
This is a popular method for completing SSL certificate validation. A user will see a green highlight for a website and a business name appearing in the browser's address bar. This is a special emphasis that is given to companies that use this type of validation method for SSL certificates. The required details for a business are first verified using the organization validation method. Contact is then made to a domain owner to ensure all of the information is verified. The phone number used is obtained for a local phone directory and not from a whois record. The issue of an SSL certificate that uses this validation will take up to two weeks.
Additional Information
Another option for validating an SSL certificate is to use a self-signed certificate. When this option has been used, a warning is displayed in a web browser asking the user if they want to proceed.
0 comments:
Post a Comment