To unsubscribe from this opt-in list, please click the link at the bottom of your email.
Happy Dog Web Design and Hosting Home Design Web Hosting Support Contact

 

Did you know that you have at your fingertips over 38 of the most popular open source web applications available anywhere? And did you know they are FREE to Happy Dog hosting customers?  continued »

 

Whether you love them or hate them, one thing is certain - giant social networking web sites like MySpace, Facebook, Twitter, and YouTube offer one of the best marketing opportunities that's come along in years, and it's all FREE!  continued »

 

With the ever-increasing scams that are popping up every day directed at web site owners and their customers, our hope is to use this column to give you a heads-up as they appear. In this issue we will discuss the ever-growing practice of "slamming."  continued »



«« front page

Confused About SSL Certificates?

Don't worry, most people are. And web customers rarely understand how it all works, they just want the confidence in seeing that little padlock or green bar appearing in their browser. They want the security of knowing their personal information is being sent in a safe and hacker-proof manner. But what does that actually mean? And how does the type of certificate determine the perceived level of security or safety the customer experiences?

There is a direct and statistical connection between a customer's feeling of safety and their inclination to completely follow through with a sale all the way to the final confirmation screen. Using a reputable Certificate Authority like Thawte has proven to increase sales and provide a higher conversion rate.

What do SSL certificates do?

SSL, or Secure Sockets Layer, acts an intermediary between your web site and the end-user's computer by encrypting and decrypting sensitive information as it is being sent to and from your web site. This ensures the information being sent or received cannot be intercepted and viewed by others.

From the customer's viewpoint, this is what occurs during a secure connection:
  1. The browser checks the certificate to make sure that the site it is connecting to is the real site and not someone intercepting or spoofing the real site.
  2. The web server then determines what encryption format the browser and web site can both use to understand each other.
  3. The browser and web site then send each other unique codes to use when scrambling (or encrypting) the information that will be sent.
  4. The browser and web site start talking to each other using the encryption, the web browser displays the encrypting padlock signifying a successful secure connection, and web pages are transmitted in an encrypted connection.

Happy Dog offers three levels of Thawte SSL secure web server certificates: DV Certificates, OV Certificates, and EV Certificates. Secure certificates and their uses can be rather confusing, so we thought we would explain the subtle differences so you can confidently choose the right certificate for your web site.

All three levels of certificates offer the same level of encryption using Single Root Certificates (superior to Chained Root Certificates), but the vetting process, and therefor the amount of perceived trust between the web site visitor and web site owner, varies.

Three Types of Certificates

DV Certificates (Domain Validation) are those where the Certificate Authority verifies only the right of the applicant to use the specific domain name. The domain name's owner is verified with the appropriate registrar. There is no vetting of the organization. This type of certificate is the least trusted and should only be purchased for economy reasons, or for the need to obtain a permanent dedicated IP address. The next level higher, the OV Certificate, is the minimum preferred for e-commerce sites or any web site that accepts credit cards or other personal information online.

OV Certificates (Organization Validation) are those where the Certificate Authority checks the right of the applicant to use a specific domain name, and the Certification Authority also checks that the certificate holder is the rightful owner of the business behind the domain name, so some basic vetting of the organization is performed prior to the issuance of the certificate. The OV Certificate is the most common certificate in use today and offers a great balance between security and affordability.

EV Certificates (Extended Validation) are those that produce a visible green browser address bar when a secure URL is entered. There are only a handful of Certificate Authorities who are allowed to issue EV certificates. EV Certificates are superior to standard DV and OV certificates in that the web site's owner must go through a much more stringent verification process by the issuing Certificate Authority. This provides greater security to end-users of the web site by ensuring the following standards are met:
  • Establishes the legal identity as well as the operational and physical presence of the website owner;
  • Establishes that the applicant is the domain name owner or has exclusive control over the domain name; and
  • Confirms the identity and authority of the individuals acting for the website owner, and that documents pertaining to legal obligations are signed by an authorized officer of the company.

This rigid verification process raises the price of an EV Certificate substantially over a standard OV SSL web server certificate, but there is no higher standard available anywhere that matches the security of the EV Certificate.

Single Root Certificates Versus Chained Root Certificates

Every company that sells SSL certificates offers all three types, however, there are actually two different quality levels for each type, depending on who the issuing company is. The two levels are Single Root Certificates and Chained Root Certificates.

Thawte certificates are Single Root Certificates, which are superior to the lesser Chained Root Certificates offered by companies like Comodo and others.

Single Root Certificates, such as those provided by Thawte, are based directly on Root Certificates that are already recognized and present in almost all browsers and other applications that accept security verification. As a result, at the time of verification and setting up a secure connection, the web browser easily accepts the Single Root SSL Certificate and provides a secure connection almost instantaneously.

Chained Root Certificates, such as those provided by Comodo and others, are based on Root Certificates that are themselves based on other Root Certificates. They do not have a Trusted Root CA Certificate present in browsers, or do not use a root that they own, and use a Chained Root in order for their SSL Certificates to be trusted. As a result, at the time of verification and secure connection set-up, the web browser has to go through a chain of Root Certificates before it can verify the identity of the SSL certificate. This sometimes leads to an error and rejection of the SSL certificate, so such certificates are not 100% reliable for all transactions.

Since Single Root Certificates are based directly on a Trusted Root Certificate, they are comparatively more secure and tamper proof than Chained Root SSL Certificates. Single Root Certificates from Thawte are a sign of stability and trust. Single Root SSL Certificates are the best choice for website security certification.

Please feel free to contact us with any questions regarding secure SSL certificates and their differences.



Got a question or idea for an article in a future issue of our newsletter? Please feel free to submit your idea to us.
© 2000-2009 Happy Dog Web Design LLC  |  Privacy Policy Home  |  Design  |  Hosting  |  Support  |  Contact