*** Welcome to piglix ***

Extended Validation Certificate


An Extended Validation Certificate (EV) is a certificate used for HTTPS websites and software that proves the legal entity controlling the web site or software package. Obtaining an EV certificate requires verification of the requesting entity's identity by a certificate authority (CA). Web browsers show the verified legal identity prominently in their user interface, either before, or instead of, the domain name. During software installation, the verified legal identity is displayed to the user by the operating system (e.g., Microsoft Windows) before proceeding with the installation.

EV HTTPS certificates contain a subject with X.509 OIDs for jurisdictionOfIncorporationCountryName, businessCategory, and serialNumber, with the serialNumber pointing to the ID at the relevant Secretary of State (US) or national government business registrar (outside US), as well as a CA-specific policy identifier so that EV-aware software, such as a web browser, can recognize them.

EV certificates use the same encryption as organization validated certificates and domain validated certificates: the increase in security is due to the identity validation process, which is indicated inside the certificate by the policy identifier.

The criteria for issuing EV certificates are defined by the Guidelines for Extended Validation, currently (as of January 7 2017) at version 1.6.1. The guidelines are produced by the CA/Browser Forum, a voluntary organization whose members include leading CAs and vendors of Internet software, as well as representatives from the legal and audit professions.

In 2005 Melih Abdulhayoglu, CEO of the Comodo Group, convened the first meeting of the organization that became the CA/Browser Forum, hoping to improve standards for issuing SSL/TLS certificates. On June 12, 2007, the CA/Browser Forum officially ratified the first version of the Extended Validation (EV) SSL Guidelines, which took effect immediately. The formal approval successfully brought to a close more than two years of effort, and provided the infrastructure for trusted Web site identity on the Internet. Then, in April 2008, the Forum announced version 1.1 of the Guidelines, building on the practical experience of its member CAs and Relying-Party Application Software Suppliers gained in the months since the first version was approved for use.


...
Wikipedia

...