Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Audience: General
Last Modified: 2014-09-15 15:43:41.0

TN 6999 - How will Entrust EV SSL Certificates be different from the current Entrust SSL Certificates?

Question:

How will Entrust EV SSL Certificates be different from the current Entrust SSL Certificates?

 

 

Answer:

The primary difference will be in what happens before the Entrust EV SSL Certificates are even issued.

Before issuing any Entrust SSL Certificate, Entrust performs checks to 'vet' or validate the identity of the requestor.

 

Under the new EV model, validation of an entity (e.g. a company or web site operator) requesting an Entrust EV SSL Certificate will be performed using industry standard guidelines, as defined by the CA/Browser Forum. This is different from current practices in that different Certification Authorities have very different validation standards. Although the majority of Certification Authorities have rigorous validation practices, not all do and this undermines the overall security of SSL for consumer transactions.

 

Certificates issued using 'Extended Validation' will include a reference to an EV-specific certificate policy. Each Certification Authority will have a unique policy and Policy Object Identifier (OID). Browsers supporting EV will behave differently when they encounter a certificate issued under an EV policy OID that they recognize.

 

Note that at a technical level, Entrust EV SSL Certificates will not be different from standard X.509 certificates and will be backwards compatible with older browsers. Entrust EV SSL Certificates will include more information on the subject (the entity the certificate was issued to) - including jurisdiction of incorporation.

Affected Products:

  • Entrust Certificate Services Certificate Administrator EV SSL - 1 Year Version Not Applicable Language Not Applicable Windows
  • Entrust Certificate Services Certificate Administrator EV SSL - 2 Year Version Not Applicable Language Not Applicable Windows
  • Entrust Certificate Services EV SSL - 1 Year Version Not Applicable English Windows
  • Entrust Certificate Services EV SSL - 2 Year Version Not Applicable English Windows