Did you see the Entrust Seal or the Green Bar on your browser?
| SSL | This Seal means Kiinga is fully supported by the Extended Validation SSL from Entrust Inc. This Really means you can be confident when you buy from us! Read about your the benefits when dealing with suppliers using EV SSL like Microsoft, Google, Yahoo and others. |
EV SSL Certificate Objectives
Per the guidelines set forth by the CA/Browser Forum, Extended Validation (EV) SSL Certificates will serve the following purposes:
- Enable Secure Connections
- Like "standard" SSL certificates, which rely on authentication of requesting organization's identity and/or domain control, EV SSL certificates enable secure encrypted communication between a Web site and a site visitor's browser by facilitating the exchange of encryption keys.
- Establish Online Businesses Identity
- EV SSL Certificates establish online businesses identity by confirming the certificate holder's legal and physical existence.
- Help Prevent Fraud
By providing reliable third-party verified identity and address information regarding the owner of a Web site, EV Certificates may help to:
- Make it more difficult to mount phishing schemes and other online identity fraud attacks using SSL certificates;
- Assist companies that may be the target of phishing attacks or online identity fraud by providing them with a tool to better identify themselves and their legitimate Web sites to users;
- Assist law enforcement in investigations of phishing and other online identity fraud, including where appropriate, contacting, investigating, or taking legal action against the perpetrator.
What is EV SSL?
Extended Validation Certificates (EV) are a special type of X.509 certificate which requires more extensive investigation of the requesting entity by the Certificate Authority (CA) before being issued.
Only CAs who pass an independent audit as part of their WebTrust (or equivalent) review may offer EV, and all CAs globally must follow the same detailed issuance requirements which aim to:
- Establish the legal identity as well as the operational and physical presence of website owner;
- Establish that the applicant is the domain name owner or has exclusive control over the domain name; and
- Confirm the identity and authority of the individuals acting for the website owner, and that documents pertaining to legal obligations are signed by an authorised officer.
History
The CA/Browser Forum, a voluntary organization of leading certification authorities (CAs) and Internet browser software vendors has released a set of guidelines for a new type of Extended Validation (EV) certificate, including standardized procedures for verifying and ensuring the identity of the certificate holder.
Extended Validation SSL (EV SSL) Certificates build on the existing SSL certificate format, but provide an additional layer of protection in a strictly defined issuance process created to ensure that the certificate holder is who they claim to be. To ensure the integrity of the process, revocation measures are specified that allow for the quick and effective revocation of improperly issued or used certificates. All leading Internet browser vendors have stated their support for EV SSL, and either currently support or have announced plans to support the technology, which will allow the browser to display the verified identity of a website to a user.
On June 12th, 2007, the CA/Browser forum officially ratified the first version of the Extended Validation (EV) SSL Guidelines, which take effect immediately. The formal approval successfully brings to a close more than two years of effort, and provides the infrastructure for trusted website identity on the Internet.
Vendors of Internet browsers all voiced support and enthusiasm for the new EV SSL Guidelines.
"Determining the identity of the websites they visit has always been a challenge for internet users," said Markellos Diorinos, Security Product Manager for Internet Explorer at Microsoft. "With Extended Validation SSL Certificates, which allow Internet Explorer 7 to display verified identity information for websites, users are now able to make better trust decisions online."
"Mozilla is excited to see the new Extended Validation Guidelines that have resulted from collaboration between Certificate Authorities," said Window Snyder, Chief Security Officer for the makers of the Firefox web browser. "EV SSL will make it easier for Firefox to tell users who is behind the website they're seeing, which is an important factor in making trust decisions."
"We welcome this move to create common guidelines for implementation of Extended Validation Certificates," said Christen Krogh, President of Engineering for Opera Software ASA. "We have always placed user security as our first priority and these certificates will improve digital identity assurance for users of compliant browsers."
"The KDE project is thrilled to take part in this initiative," said Sebastien Kugler of the KDE Project. "It's a great opportunity to make the Internet more secure and a friendlier place, something that is fully in line with the goals of KDE. We look forward to implementing Extended Validation SSL Certificates in our web browsing component."