Over the last few years the number of organizations using TLS/SSL Certificates has increased dramatically. The applications for which TLS/SSL is being used has also expanded. For example:
- Some organizations need TLS/SSL simply for confidentiality, e.g. encryption
- Some organizations wish to use TLS/SSL to enhance trust in their security and identity, e.g. they want to show customers they have been vetted and are a legitimate organization
As the applications for TLS/SSL have started to become wider, three types of TLS/SSL Certificate have emerged:
Extended Validation (EV) TLS/SSL Certificates
The Certification Authority (CA) checks the right of the applicant to use a specific domain name plus it conducts a thorough vetting of the organization. The issuance process of EV Certificates is strictly
defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007, that specify all the steps required by a CA before issuing a certificate, and includes:
EV Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. A second set of guidelines, the EV Audit Guidelines, specify the criteria under which a CA
needs to be successfully audited before issuing EV Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.
- Verifying the legal, physical and operational existence of the entity
- Verifying that the identity of the entity matches official records
- Verifying that the entity has exclusive right to use the domain specified in the EV Certificate
- Verifying that the entity has properly authorized the issuance of the EV Certificate
- Organization Validation (OV) TLS/SSL Certificates
The CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced
visibility as to who is behind the site and associated enhanced trust.
- Domain Validation (DV) TLS/SSL Certificates
The CA checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal. In addition to GlobalSign DV
TLS/SSL Certificates, lower cost AlphaSSL DV TLS/SSL Certificates are also available and issued via GlobalSign as well.
GlobalSign -- a simplified range of flexible TLS/SSL Certificates
GlobalSign is the first TLS/SSL Provider to offer a simplified range of TLS/SSL Certificates -- fitting neatly into the three newly
defined TLS/SSL classes of Domain Validation (DV), Organization Validation (OV) and Extended Validation (EV). By taking its over 20 years of experience in delivering trusted TLS/SSL solutions, GlobalSign has pioneered a simple approach to the
three classes of TLS/SSL the market has seen emerge over recent years.
Other TLS/SSL Providers favor using complex product naming and classifications, with basic features being used to differentiate otherwise identical products. GlobalSign bucks this trend by adopting simple product naming and assigning
feature sets as options within each product class. This approach is designed to eliminate the time consuming and frustrating "which Certificate do I need" issues faced by customers evaluating TLS/SSL vendor
The simplified classification of GlobalSign TLS/SSL consists of:
Organization Validation: OrganizationSSL
Extended Validation: ExtendedSSL> The latest, and possibly most significant, advancement in TLS/SSL technology since its initial inception follows the standardized Extended Validation guidelines. New high
security browsers such as Microsoft Edge, Opera, Firefox, Google Chrome, Apple Safari, and iPhone Safari identify Extended TLS/SSL Certificates as EV Certificates and activate the browser interface security enhancements, such as the Green
Address Bar. For customers who wish to assert the highest levels of authenticity, ExtendedSSL is the ideal solution.
GlobalSign has been issuing organization validation Certificates for over 20 years. Companies applying for OrganizationSSL have their company details vetted before issuance.
Domain Validation: DomainSSL
DomainTLS/SSL Certificates are fully supported and share the same browser recognition with OrganizationSSL, but come with the advantage of being issued within 1 hour (current customers and new customers paying by a non-check method) and
without the need to submit company paperwork. This makes DomainSSL ideal for businesses needing a low cost TLS/SSL quickly and without the effort of submitting company documents. New customers
that use their checking account
for payment by check
will see a delay in the issuance of certificates because the check must clear our bank first.