Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Journal Journal: SSL Extended Validation (EV) guidelines draft published

The CA/Browser-forum finally published the guidelines using which the new "Extended Validation" SSL certificate owners will be checked. It defines this new sort of certificate technically and mandates how to verify the information included, which allows to have a little more trust in that the server is really operated by the company that the certificate claims it is. This is in contrast to the recently popular cheap Domain Validation certificates which only check that the cert owner has control over the domain, via weak mechanims, and not his identity. Browsers are supposed use the EV in the UI: MSIE7 will show a green URLbar and the cert holder, Opera has similar plans, mozilla.org is still discussing how to use it. Konqueror is also on board.

The guidelines (link to PDF at the top of their webpage page) were first supposed to be secret, but have now been published for public review. Useful and constructive comments can be left at their email address or at newsgroup mozilla.dev.security. Comments should be made soon (despite the size of the document), because the standard is supposed to be finalized this month.

P.S. Sorry for putting SSL under "security", but there was no better category ;-).

Slashdot Top Deals

Machines that have broken down will work perfectly when the repairman arrives.

Working...