Jump to content

Cre8asiteforums Internet Marketing
and Conversion Web Design


Photo

Ev Ssl Certificate


  • Please log in to reply
2 replies to this topic

#1 glyn

glyn

    Sonic Boom Member

  • Hall Of Fame
  • 3144 posts

Posted 25 November 2016 - 05:18 AM

HI there.

 

I am looking to purchase some Extended Validation SSLs in the  UK, any recommended suppliers?

 

Glyn.



#2 iamlost

iamlost

    The Wind Master

  • Site Administrators
  • 5280 posts

Posted 26 November 2016 - 10:47 PM

Sorry, I dunno.

 

That said, I didn't show up just to shrug; rather I've been watching the advent of EV SSLs with interest and see it as a new battleground now that bog standard certs are cheap to free - and really want your opinion on what value, i.e. trust, difference you see now and in the future between the two given that the verification agencies are pretty much charging the earth for very little:

* green company name following green lock

* company name and address shown in secure info blurb.



#3 glyn

glyn

    Sonic Boom Member

  • Hall Of Fame
  • 3144 posts

Posted 28 November 2016 - 03:34 AM

My understanding is this.

 

As there are authorities that sign the SSLs that have, in the past been hacked, and which they authenticate SSLs while compromised themselves, the Extended Validation SSL will check a file on the issuing authority site and compare this with the one that the browser has to see whether or not there is a match. God, I really would not trust that explanation but basically the EV provides an extra layer of security against the issuing authority that the session is secure and not being intercepted. Probably there are lots of reasons why it can still be hacked and made a mess of. The visual eye candy you mention is clearly the non-substantive cr** that users can get exposed to as a result of your increased down payment for the EV SSL.

 

The only reason I was looking at EV SSL was simply because it would keep Google chrome happy in January when the latest threat get's offloaded onto web-masters from Google HQ.

 

The browser session might be secure but the website might be running an unpatched version of Magento, so the user is still secure of being explioted :)

 

G.





RSS Feed

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users