All the latest UK technology news, reviews and analysis
|
|
|
10 Nov 2006
Microsoft plans to add support for the upcoming Extended Validation standard for SSL certificates this January through a software update to Internet Explorer 7.
Secure Sockets Layer (SSL) certificates allow web users to verify the identity of the organisation running a website, and indicate that the site's traffic is encrypted. The certificates are commonly used by banks and e-commerce websites.
Users can identify a website using certificates through a small padlock that shows up in the browser window.
Older versions of Internet Explorer place the icon in the bottom of the window while Internet Explorer 7 puts it in the address bar. Firefox colours the address bar yellow in addition to displaying a padlock.
Online scammers, however, have eroded trust in SSL certificates as they started to use them for phishing websites and other online scams.
Browsers will still recognise certificates that are not issued by official certificate authorities, but critics claim that some certificate authorities fail to check the identity of applicants because they prefer revenues over rigid security.
The Extended Validation SSL certificates will introduce a more stringent vetting process, including verification of the applicant's physical existence, identity and place of business, as well as its right to use the domain name for which the documents is requested.
The standard is defined by the CA/Browser Forum which comprises certificate authorities and browser developers. The organisation published a Draft 11 (PDF) version of its guidelines last month.
Microsoft earlier this week urged fellow members on its IE Blog to support the current guidelines in their certificates and browsers.
Following an update to Internet Explorer 7 scheduled for January, the address bar in the browser will turn green when the user visits a website that uses an EV SLL certificate, and will display the name of the certificate authority which issued the document.
The Opera and KDE browsers plan to add support for the technology, but Mozilla, which is part of the CA/Browser Forum, but has not yet publicly discussed how it will support the standard.
Several certificate authorities are starting to advertise the new certificates in anticipation of the new industry support.
Hosting provider GoDaddy said that it expects to start selling the certificates early next year, while Xramp is planning to start selling certificates based on the current draft specifications later this month.
VeriSign will sell EV SSL certificates, but was unable to say when it will start issuing the documents.
Latest stories from Web
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Support Analyst x 1/2 Skills: Apple Mac OSX, Windows...
Network Consultant - London - 55-65k My client are...
A leading global provider of critical information to...
Playstations and table football in the kitchen? Standard...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Another hype
There exists no such thing as "SSL certificate". X.509 certificates are used in SSL/TLS but they are part of other standards family, not related to SSL at all. So, what is the talk about at all? No technical details, and "high security standards" that the description on the official site (which doesn't mention the parties involved) means obviously nothing more than "more money to charge". Another hype.
Posted by: Eugene Mayevski 10 Nov 2006