In times of increased phishing attacks and identity theft, your customers look to you to secure sensitive information sent over the Internet with the strongest encryption from the most credible security providers.
OrganizationSSL Certificates activate the "little yellow padlock" and secure your ecommerce transactions, web account logins, webmail, network traffic and online services with unsurpassed levels of authentication, integrity, confidentiality and non-repudiation. OrganizationSSL Certificates are organization vetted - meaning that website visitors see your vetted (background check) company details, enhancing the trust they place in your website and providing more confidence to do business with you.
What is SSL?
The Secure Sockets Layer (SSL) is the most widely deployed security protocol that provides a secure channel between two computers over the Internet or network. We typically see SSL in use when a web browser needs to securely connect to a web server over the insecure Internet. SSL is a mostly transparent and requires little user interaction to establish a secure session. For example, in the case of a browser, users are alerted to the presence of SSL when the browser displays a padlock, or in the case of Extended Validation SSL the address bar displays both a padlock and a green bar.
Read More
What is an SSL Certificate?
SSL is a protocol, and in order to use the SSL protocol organizations need a SSL Certificate. A SSL Certificate is a small data file that digitally binds a cryptographic key to your organization's details, typically:
- Your domain name, server name or hostname
- Your company name and location
- In certain cases your organizational contact details
Read More
Typical Reasons for Needing SSL Certificates
Over the last few years the number of organizations using SSL Certificates has increased dramatically. The applications for which SSL is being used has also expanded. For example:
- Some organizations need SSL simply for confidentiality, e.g. encryption
- Some organizations wish to use SSL to enhance trust in their security and identity, e.g. they want to show customers they have been vetted and are a legitimate organization
Read More
Why getting the strongest SSL security from a 2048 bit Root Certificate is essential
In today’s interconnected world, your online solutions need to interact seamlessly with customers connecting to your web server, reading your emails, running your code or trusting your electronic documents. The GlobalSign Root Certificate is present in every popular machine, device, application and platform that utilizes the trust of Public Key Infrastructure (PKI) e.g. SSL/TLS, S/MIME, Code Signing and Document Signing.
In 1998, GlobalSign had the foresight to create a strong Root Certificate by using 2048 bit RSA keys. This makes the GlobalSign Root Certificate the most widely distributed Certification Authority to already meet the NIST (National Institute of Standards & Technology) recommendation that from 2011 onwards all cryptographic keys should be 2048 bit in strength. Anything less than 2048 bit will most likely be deemed insecure, which has prompted the CA/Browser Forum to insist that all Extended Validation SSL Certificates are to be 2048 bit from the 1st January 2009 in anticipation. GlobalSign can offer 2048 bit strength across our entire Digital Certificate portfolio.
GlobalSign is also one of the few Certification Authorities that can offer SGC (Server Gated Cryptography). This enables SSL Certificates to force web servers to create a strong 128 bit encrypted connection with older, weak 40 bit encryption browsers. To customers, the added strength of a 2048 bit root and the inclusion of SGC strong encryption is transparent – and to you, you are safe in the knowledge that the strongest encryption available is always being used to secure your communications.
Read More
What is the difference between Domain vs. Organization vetting?
Domain Validation (DV) SSL Certificates:
Certification Authority checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal.
Organization Validation (OV) SSL Certificates:
Certification Authority checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility in who is behind the site and associated enhanced trust.
Extended Validation (EV) SSL Certificates:
Certification Authority checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organization. The issuance process of EV Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007, that specify all the steps required for a Certification Authority (CA) before issuing a certificate, and includes:
- Verifying the legal, physical and operational existence of the entity.
- Verifying that the identity of the entity matches official records
- Verifying that the entity has exclusive right to use the domain specified in the EV Certificate
- Verifying that the entity has properly authorized the issuance of the EV Certificate
- EV Certificates are available for: businesses, government entities and both incorporated and unincorporated businesses.
EV Audit Guidelines - Specify the criteria under which a CA needs to be successfully audited before issuing EV Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.
Read More
† Applies to a 5 year plan and divided by 5 years.
