The number of companies that use SSL certificates has increased significantly over the past few years, there are several reasons for this:
- Некоторые бизнесы нуждаются в SSL, чтобы обеспечить конфиденциальность (т.е. шифрование данных).
- Некоторые бизнесы используют SSL, чтобы добавить больше доверия и уверенности в безопасности для клиентов (они хотят, чтобы вы знали, что они подлинная организация и можете доверять им).
Since the reasons why companies use SSL differ, there are several different types of SSL certificates.
- SSL cертификаты с расширенной проверкой (Extended Validation SSL Certificates – EV)
- Сертификаты с валидацией организации (OV)
- Сертификаты с валидацией домена (DV)
Extended Validation (EV) SSL certificates are only issued when a Certificate Authority (CA) performs validation to ensure that the organization is authorized to use a particular domain plus the CA performs a thorough validation of the organization itself. The EV certificate issuance process is standardized and must strictly adhere to the EV rules, which were created at the CA/Browser Forum in 2007. It specifies the necessary steps that a certification authority must perform before issuing an EV certificate:
- Должен проверить правовую, физическую и операционную деятельности субъекта.
- Должен убедиться, что организаци соотвествует официальным документам.
- Необходимо убедиться, что организация имеет исключительное право на использование домена, указанного в сертификате EV.
- Необходимо убедиться, что организация полностью авторизована для выпуска EV сертификата.
EV certificates are used for all types of businesses, including government and non-profit organizations. It takes 10-14 days to release.
The second part of the rules is relevant for the certification center and describes the criteria which the certification center has to meet before it is allowed to issue an EV certificate. It’s called, EV audit rules, and every year there is an audit for compliance with those rules.
SSL certificates with organization validation are issued only when the Certification Authority has verified that the organization has ownership of the domain plus the Certification Authority performs some checks on the organization itself. Verified information about the company is displayed in the information about the certificate, it shows the visitor what organization belongs to the site. Usually released within 7 days.
SSL certificates with domain validation are issued when a certificate authority has verified that the applicant has rights to the specified domain name. The organization information is not checked and no information about the organization is displayed in the certificate. DV certificates can be issued instantly.