What is the Extended Validation Standard?
To purchase a Extended Validation SSL Certificate, an organization has to go through a validation process that meets the Extended Validation Standard established by the CA/Browser Forum (soon to be released). In addition to confirming domain name ownership, the process will likely include authenticating the authority of the contact person requesting the certificate, verification of the business with government or third party business registries, and other methods.
In 2006, a group of leading SSL Certificate Authorities (CAs) and browser vendors approved standard practices for certificate validation and display called the Extended Validation Standard. To issue an SSL Certificate that complies with the standard, a CA must adopt the extended certificate validation practice and pass a Webtrust audit. The validation process requires the CA to authenticate the certificate applicant’s domain ownership and organizational identity, as well as the individual approver’s employment with the applicant, and authority to obtain the Extended Validation SSL Certificate. Our Certification Practice Statement outlines our authentication and verification processes.
