Although all SSL certificates use similar methods to protect and validate your data, a useful way to categorize them is by validation method. Any certificate must be verified by the issuing Certificate Authority (or CA) to ensure that it is covering the correct, authorized site. This verification confirms at a minimum control of the domain. However, more steps can be taken to also confirm the existence of the requesting company or organization (for OV certificates) or to establish even more trust through extended vetting (for EV certificates).
Domain validated or DV certificates are the most common type of SSL certificate. They are verified using only the domain name. Typically, the CA exchanges confirmation email with an address listed in the domain’s WHOIS record. Alternatively, the CA provides a verification file which the owner places on the website to be protected. Either method confirms that the domain is controlled by the party requesting the certificate.
Organization validated or OV certificates require more validation than DV certificates, but provide more trust. For this type, the CA will verify the actual business that is attempting to get the certificate (the information required for OV certificates). The organization’s name is also listed in the certificate, giving added trust that both the website and the company are reputable. OVs are usually used by corporations, governments and other entities that want to provide an extra layer of confidence to their visitors.
Extended validation or EV certificates provide the maximum amount of trust to visitors, and also require the most effort by the CA to validate. Per guidelines set by the CA/Browser Forum, extra documentation must be provided to issue an EV certificate (as described in EV SSL Requirements). As in the OV, the EV lists the company name in the certificate itself, However, a fully validated EV certificate will also show the name of the company or organization in the address bar itself, and the address bar is displayed in green. This is an immediate, visual way that viewers can know that extra steps were taken to confirm the site they’re visiting – which is why most large companies and organizations choose EV certificates.
Other SSL Certificates
The above are the major types usually issued to protect websites. SSL.com also offers code signing certificates and personal authentication certificates (the latter can also protect email using S/MIME standards). These may require somewhat different validation methods than DV, OV or EV certificates – just contact us at SSL.com for more information.