What is the technical difference between SSL and EV SSL certificates?

6

I'm in the phase of implementing the Cielo API on my site. On the integration site there are two types of certificates in this link , EV SSL, and SSL .

Honestly I'm messing with Certified for the first time, I know the SSL but I did not understand the technical difference between the two, just the difference between the price being astronomical.

    
asked by anonymous 20.10.2017 / 15:49

2 answers

4

The difference between the two is a bureaucratic issue.

Both guarantee virtually the same level of security against electronic attacks. What the EV gives the most is a guarantee that the entity issuing the certificate (ie: GoDaddy, Digicert etc.) actually investigated the company that purchased the certificate to ensure that it is a legitimate and reputable entity. >

In other words, EV SSL is an SSL combined with a "good background certificate."

The search criteria are defined by the CA / Browser Forum , a consortium of certification authorities. Currently, to get an EV SLL, you need to prove the following:

  • That your domain is owned by a physical or legal person, with a physical (person, not server board) address known. I believe this requires at least one interview because the related Wiki says that they seek to establish their "physical and operational presence";
  • Ensure that the above individual or legal entity is the sole owner and controller of the domain that will receive the certificate;
  • Ensure the identity of all persons who have authorization from the domain owner to represent it.

As you can see, this is a very high and expensive valuation level. But this gives users a guarantee that the site owner is a fair person and that everyone knows where he lives, not the hackovisky in a basement in Siberia trying to steal his credit card number. And finally ... To demonstrate the highest security of EV SSL sites, today's browsers paint some parts of the green address bar - and for accessibility for color blinds, they also often display a lock and the word "secure" .

    
20.10.2017 / 16:06
3

Font

  

Extended Validation (EV) is the highest-class SSL certificate available. Although it uses the same powerful encryption as other SSLs, to have it requires full verification of the applicant's business. What you get is a high visibility green address bar that makes the visitors feel secure instantly. If you accept payments online, the EV is your best bet.

The difference

  

The first example is a normal SSL certificate, which means that it is a valid certificate issued by a trusted Certificate Authority, but there has been no extended validation of the domain / site owner. This may mean that the certificate claims to be from Foo Inc., but CA did not verify that the person / entity requesting the certificate was actually Foo Inc. when they issued the certificate.

     

The second example is an Extended Validation SSL Certificate. This type of certificate does extended validation where the CA checks the physical address and other details of Foo Inc. before issuing the certificate. In the end, this serves to give more security to the end user that the site / domain owner is in fact the Foo Inc company.

Source

In addition the bar will have that green that creates a feeling of "super insurance"

Here'sawell-detailed answer :

    
20.10.2017 / 15:57