web analytics

SSL Certificate Reviews

Apr 30

SSL Reviews

Guys, it has been 1 months since my last blog post was really busy with stuff related SSL Certificate. I was busy with some one. In past couple of days I have found that there are many SSL Certificate Reviews.

Most of SSL Certificate Reviews are regarding brands and service provided either by vendor or their partners. SSL Certificates are not reviewed as they are available forms. There are major three SSL Certificate Domain Vetted(Verified) SSL Certificate (DV SSL Certificates), Organization Vetted(Verified) SSL Certificates (OV SSL Certificates) and Extended Validated SSL Certificate (EV SSL Certificates).

I will review SSL Certificates as their type would be much better to make you understand what SSL Certificate you should trust more:

1) Domain Vetted(Verified)( SSL Certificate (DV SSL Certificate) :

Most sold SSL Certificates are Domain Vetted (Verified) SSL Certificate. Because it is cheaper and issued within couple of minutes. Does not require much documentation and anyone can get it. Need only phone verification or email verification to email which either belongs to whois or email address as following :

  • admin@domain
  • administrator@domain
  • webmaster@domain
  • hostmaster@domain
  • postmaster@domain
  • Plus any address listed in the technical or administrative contact field of the domain’s WHOIS record, regardless of the addresses’ domains.

Mozilla Firefox is not recommending this practice because this has security risk on this. Many SSL Certificate vendor uses for example person register domain for 2 years but gets SSL Certificate for 5 years. What will happen if domain expires and another person get that domain and person who had domain and uses existing SSL Certificate to misuse it using DNS spoofing. This is highest risk certificate, I personally don’t trust DV certificates. There is DV wildcard certificate. WildCard SSL Certificate can be used for phishing. Someone can use WildCard SSL certificate for phishing attack, like installing SSL Certificate for https://paypal.xyz.com and you trust this site as it has SSL Certificate and famous payment gateway. One who trust SSL Certificate would think this is Paypal site and will do transaction there. Hence, I would not recommend to trust DV SSL Certificate because one can get SSL Certificate easily and can manipulate with internet security.

I will write about Organization Vetted SSL Certificate and Extended Validated SSL Certificate in my next blog post stay tuned to learn more about the same.

Write is Gaurav Maniar (IT Manager, SSL Support Expert @ www.thesslstore.com, MCITP, MCSE, MCSA)

Enhanced by Zemanta
Read More