Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Journal Journal: SSL Extended Validation (EV) guidelines draft published

The CA/Browser-forum finally published the guidelines using which the new "Extended Validation" SSL certificate owners will be checked. It defines this new sort of certificate technically and mandates how to verify the information included, which allows to have a little more trust in that the server is really operated by the company that the certificate claims it is. This is in contrast to the recently popular cheap Domain Validation certificates which only check that the cert owner has control over the domain, via weak mechanims, and not his identity. Browsers are supposed use the EV in the UI: MSIE7 will show a green URLbar and the cert holder, Opera has similar plans, mozilla.org is still discussing how to use it. Konqueror is also on board.

The guidelines (link to PDF at the top of their webpage page) were first supposed to be secret, but have now been published for public review. Useful and constructive comments can be left at their email address or at newsgroup mozilla.dev.security. Comments should be made soon (despite the size of the document), because the standard is supposed to be finalized this month.

P.S. Sorry for putting SSL under "security", but there was no better category ;-).

Slashdot Top Deals

All science is either physics or stamp collecting. -- Ernest Rutherford