Educational ICT Virtualisation Specialist

Twitter LinkedIn E-mail
Precedence Technologies Ltd
Technology House, 36a Union Lane
Cambridge, CB4 1QB, United Kingdom
T: +44 (0)8456 446 800 / +44 (0)1223 359900
E: enquiries@precedence.co.uk
Authentication

Wiki Home

Tools

Jump To: Products > SSL > Authentication

Authentication

When requesting an SSL certificate, you will need to prove that you have the rights to use that domain. The level of checks done depend on which type of certificate you choose.

Extended Validation

This is the highest level of authentication available with an SSL Certificate. The CA/Browser Forum, a consortium of Certificate Authorities and Browser manufacturers, developed this category of Web site authentication as an industry-wide standard. In order to be authorized to issue EV SSL Certificates, a CA must pass regular third-party audits confirming that it meets the requirements set out in this standard for validating the identity of certificate requesters. More information on the CA/Browser Forum and the EV standard is available at http://www.cabforum.org/. The CA requires a signed acknowledgement of agreement from the corporate contact listed on any order for an EV SSL Certificate. A company registration document may also be required if the we are unable to confirm the organization’s details through a government database. A legal opinion letter may also be requested to confirm the following details about the organization applying for the Extended Validation SSL Certificate:

  • Physical address of place of operation
  • Telephone number
  • Confirmation of exclusive right to use the domain
  • Additional confirmation of the organization’s existence (if less than 3 years old), and verification of the corporate contact’s employment.

These are the standard methods of identity verification used to validate organizations for EV SSL Certificates, however, documentation requirements may vary depending on the information available on various approved online databases

Organisation Authentication

This is a high assurance level of authentication. SSL Certificates with this level of authentication require verification of an organization’s existence through a government issued business credential. Usually the CA will get this independent verification by searching one of many government or private databases to which they have access. If they cannot find "proof of right" to do business in the stated name for a certificate requester, a copy of one of the following items may be requested:

  • Articles of Incorporation
  • Business License
  • Certificate of Formation
  • Doing Business As
  • Registration of Trade Name
  • Charter Documents
  • Partnership Papers
  • Fictitious Name Statement
  • Vendor/Reseller/Merchant License
  • Merchant certificate
  • US Tax Licenses for non-profit organizations and sole proprietorships (in either case the state tax documents must list the organization as non-profit or sole proprietor)

Domain Authentication

Many CAs offer domain authenticated SSL Certificates. These lower assurance certificates are appropriate for organizations concerned primarily with encryption. Domain authenticated certificates are the lowest form of authentication available. An entity requesting a domain authenticated certificate will go through a process to help verify that they either own the domain requested or that they have the right to use that domain name. Additionally we will verify that the email address for the contact requesting the certificate is either listed in the WHOIS directory or meets the CA's predetermined email alias requirements.

© Copyright Precedence Technologies 1999-2024
Page last modified on March 04, 2014, at 01:06 PM by sborrill