web analytics

SSL Review Part – II

May 15

Its been long I know, Its been 2 weeks since my last post was really busy with office work but as I said in my last post. I will try to write regularly about Security related things as I come across. To continue with my last blog post regarding SSL Review. Today, I am going to review Organization Vetted or Organization Verified SSL Certificate also called as OV SSL Certificate. Different vendors given it different brand name like Geotrust calls it as “True Business ID Certificate” while VeriSign calls it “Secure Site” or Comodo’s “Instant SSL Certificate” all vendors have given it different names.

Organization Vetted(OV) SSL Certificate

When SSL Certificate invented, they were issued against verification all organization documents.  As I read somewhere you have to provide as many documents as you are opening new back account or getting license to do certain business. This is medium trusted SSL Certificate not poorly issued Domain Vetted Certificate which requires only domain level authentication to get you unsafe SSL Certificate (Yes, Domain Vetted SSLs are untrusted).

OV SSL Certificate requires business documents and that means they are verified at certain level and you can trust them because it has verified organization which wants SSL Certificate not only domain level verification.

OV Requires certain documents which are as following. They may change Vendor to vendor.

1) Domain Verification if privacy protection is not that is not validated. You need to have privacy protection off

2) Third Party verification like Government Documents or Yello pages

3) Employee or issuer authorization letter by Organization.

There may be some more documents but above are generally requested by SSL Certificate vendors. organization vetted SSL Certificate generally takes 2 to 3 days to issue and you can install. This is general time given by vendors like Geotrust, Comodo, VeriSign, Trustwave, Entrust etc.

SSL Certificate are most required for person having e-commerce website and they are requested when they want PCI Compliance. SSL Certificates will help you to secure your clients data and Organization Vetted SSL Certificate is one of the best solution. The Best Solution which I like the most is EV or Extended Validation process which requires very high verification process or organization and that means it is secure. Organization Vetted SSL Certificate helps your customers to prevent against phishing attacks but Extended Validation will help you to make them to trust you more.

I will review Extended Validation soon and will provide you more information.

Write is Gaurav Maniar (IT Manager, SSL Support Expert @ www.thesslstore.com, MCITP, MCSE, MCSA)