2013年10月6日 星期日

EV (Extended Validation) SSL Certitifcate

如果是由 EV (Extended Validation) CA 所簽發的 SSL Certificate, Chrome 會在 URL 列列出組織的名稱。像 GitHub 的這樣:


而一般 CA 所簽發的則沒有。像 FaceBook的:

就稽核管理的角度來看,EV CA有較嚴謹的限制:
<quote wiki>
  • Establish the legal identity as well as the operational and physical presence of website owner;
  • Establish that the applicant is the domain name owner or has exclusive control over the domain name; and
  • Confirm the identity and authority of the individuals acting for the website owner, and that documents pertaining to legal obligations are signed by an authorised officer.
</wiki>
較有趣的一條是 EV CA不允許簽發 wildcared Extended Validation certificate。


REF:



沒有留言:

張貼留言