Web browsers to adopt enhanced SSL

By on
Web browsers to adopt enhanced SSL

IE7 to use Extended Validation SSL certificates in January, others to follow.

Microsoft plans to add support for the upcoming Extended Validation standard for SSL certificates this January through a software update to Internet Explorer 7.

Secure Sockets Layer (SSL) certificates allow Web users to verify the identity of the organisation running a website, and indicate that the site's traffic is encrypted. The certificates are commonly used by banks and e-commerce websites.

Users can identify a website using certificates through a small padlock that shows up in the browser window.

Older versions of Internet Explorer place the icon in the bottom of the window while Internet Explorer 7 puts it in the address bar. Firefox colours the address bar yellow in addition to displaying a padlock.

Online scammers, however, have eroded trust in SSL certificates as they started to use them for phishing websites and other online scams.

Browsers will still recognise certificates that are not issued by official certificate authorities, but critics claim that some certificate authorities fail to check the identity of applicants because they prefer revenues over rigid security.

The Extended Validation SSL certificates will introduce a more stringent vetting process, including verification of the applicant's physical existence, identity and place of business, as well as its right to use the domain name for which the documents is requested.

The standard is defined by the CA/Browser Forum which comprises certificate authorities and browser developers. The organisation published a Draft 11 (PDF) version of its guidelines last month. 

Microsoft earlier this week urged fellow members on its IE Blog to support the current guidelines in their certificates and browsers.

Following an update to Internet Explorer 7 scheduled for January, the address bar in the browser will turn green when the user visits a website that uses an EV SLL certificate, and will display the name of the certificate authority which issued the document.

The Opera and KDE browsers plan to add support for the technology, but Mozilla, which is part of the CA/Browser Forum, but has not yet publicly discussed how it will support the standard.

Several certificate authorities are starting to advertise the new certificates in anticipation of the new industry support.

Hosting provider GoDaddy said that it expects to start selling the certificates early next year, while Xramp is planning to start selling certificates based on the current draft specifications later this month. 

VeriSign will sell EV SSL certificates, but was unable to say when it will start issuing the documents.

Copyright ©v3.co.uk
Tags:
adopt browsers enhanced security ssl to web

Most Read Articles

SA Dept Premier and Cabinet sacks CIO

SA Dept Premier and Cabinet sacks CIO
Optus fibre cable cut in Melbourne

Optus fibre cable cut in Melbourne
NBN Co finally reveals satellite users who will lose ADSL

NBN Co finally reveals satellite users who will lose ADSL
Equifax's top tech execs leave 'effective immediately'

Equifax's top tech execs leave 'effective immediately'
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
Solving IT complexity
Solving IT complexity
Optimising Enterprise Data Centres for the Cloud
Optimising Enterprise Data Centres for the Cloud
Growing companies have a growing interest in technology
Growing companies have a growing interest in technology
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
RSA NetWitness® Endpoint. Respond 3X Faster to Threats

Events

Log In

Username:
Password:
|  Forgot your password?