OV – Commfides standard validation
Most SSL certificates are issued to a business, but many certificates issued do not show which business is behind the domain. In many cases, a certificate is issued to a domain without thorough validation.
This is unfavorable as these web sites may impose a false security in the form of a padlock, but in reality, no one has verified the owner of the site.
With an organization-validated SSL certificate, the user can click on the padlock to get more information about both the business and the domain listed in the certificate, as well as which trusted third party that has verified the company.
Commfides is such a trusted third party and always performs thorough control of the domain and business. We always recommend minimum OV validation for all public websites.
Read about the four validation levels below.
The strictest validation level. Provides a green address field in the browser..
The certificate confirms the owner behind the domain and immediately shows that the address field becomes green. When validating an EV certificate, the company must also sign documents in addition to standard validation (DCV & callback).
The security with an EV certificate is that all CAs must comply with the same international validation requirements, which are set in the CA Browser Forum.
Regardless of who issues the certificate, the user can trust that there is the same strict validation of both the domain and the business behind a green address field.
Read more about EV validation.
Strong validation performed against both the domain and the business..
Business validation involves the control of the company that owns the domain. We check that the listing in Brønnøysund Register Centre and WHOIS is correct and matches the content of the CSR file. The owner must confirm that they are the ones who control the domain (DCV / approval email) and verify the call-back that they have made the order.
The certificate provides consumer protection as the certificate both encrypts and provides independent information about who is behind the website.
DV is a basic validation that only confirms that someone owns the domain. This is performed by sending an email to a generic email address associated with the domain.
The certificate will show what domain the certificate is issued to but not who owns it.
The certificate does not provide any security for the user against whom the user sends information and is therefore only recommended for testing purposes and for non-public websites.
Certificate has no validation