EV SSL Certificates FAQs

What is the Extended Validation Standard?

In 2006, a group of leading SSL Certificate Authorities (CAs) and browser vendors approved standard practices for certificate validation and display called the Extended Validation Standard (known during development as "High Assurance"). To issue an SSL Certificate that complies with the standard, a CA must adopt the extended certificate validation practice and pass a WebTrust audit. The validation process requires the CA to authenticate the certificate applicant's domain ownership and organizational identity, as well as the individual approver's employment with the applicant, and authority to obtain the Extended Validation SSL Certificate.

What is the EV SSL Certificate Validation Process?

The goal of the validation process is to ensure that consumers have a way to authenticate legitimate sites from phishing sites. The increased trust and consumer protection offered by EV certificates necessarily involves a more rigorous validation process. This new procedure has been established by the industry group, CA/B Forum.

Some basic requirements that a business needs to conform to obtain an EV SSL certificate include (but are not limited to):

Legal status as a company created by government filing
Registration number of incorporation
Place of business is in same jurisdiction (e.g. country) as place of business registration
Organization name
Business name
Full address and main phone number of place of business

What is the change-over process, and can I change providers?

Changing providers is not only possible, it's quite simple. Whether your organization is a new or an existing customer, IdeaOverTen will provide step by step guidance to assure success in obtaining EV certificates. Your existing certificate provider is prevented from using any information it knows about you to shortcut the issuance of an EV certificate, so the switch to EV is an opportunity to try another SSL provider.

Does this change the "lock" symbol designation?

Internet Explorer 7 on Vista will continue to display the familiar lock symbol, which will be moved from the bottom tool bar to a space right next to the Web address field. As before, clicking the lock symbol will reveal the details about the certificate function properties and issues.

Will certificate provider names be shown in the toolbar?

When the IE7 address bar turns green, a field immediately to the right of the address bar will toggle between the name of the certificate issuer and the business that owns the site found by the browser.

Who established this new standard?

The CA Browser Forum is an International, industry-wide association made up of all the major browser makers and certificate authorities including SecureTrust, Microsoft, Mozilla, Opera, Apple, KDE, Verisign, Comodo, RSA, DigiCert and more. The EV standard is the first standard set in our industry and the work of all these agencies has been towards the common goal of making a safer Internet.