Extended Validation Certificate

An example of Extended Validation Certificate, issued by DigiCert

An Extended Validation Certificate (EV) is a certificate conforming to X.509 that proves the legal entity of the owner and is signed by a certificate authority key that can issue EV certificates. EV certificates can be used in the same manner as any other X.509 certificates, including securing web communications with HTTPS and signing software and documents. Unlike domain-validated certificates and organization-validation certificates, EV certificates can be issued only by a subset of certificate authorities (CAs) and require verification of the requesting entity's legal identity before certificate issuance.


As of February 2021, all major web browsers (Google Chrome, Mozilla Firefox, Microsoft Edge and Apple Safari) have menus which show the EV status of the certificate and the verified legal identity of EV certificates. Mobile browsers typically display EV certificates the same way they do Domain Validation (DV) and Organization Validation (OV) certificates. Of the ten most popular websites online, none use EV certificates and the trend is away from their usage. [1]

For software, the verified legal identity is displayed to the user by the operating system (e.g., Microsoft Windows) before proceeding with the installation.

Extended Validation certificates use the same file format and typically the same cryptographic algorithms as organization-validated and domain-validated certificates, so they are compatible with most server and user agent software.

The criteria for issuing EV certificates are defined by the Guidelines for Extended Validation established by the CA/Browser Forum. [2]

To issue an extended validation certificate, a CA must verify the requesting entity's legal identity and operational status, together with its control over the domain name and the hosting server.

History

Introduction by CA/Browser Forum

In 2005 Melih Abdulhayoglu, CEO of the Comodo Group (currently known as Xcitium), convened the first meeting of the organization that became the CA/Browser Forum, hoping to improve standards for issuing SSL/TLS certificates. [3] On June 12, 2007, the CA/Browser Forum officially ratified the first version of the Extended Validation (EV) SSL Guidelines, which took effect immediately. The formal approval successfully brought to a close more than two years of effort and provided the infrastructure for trusted website identity on the Internet. Then, in April 2008, the forum announced version 1.1 of the guidelines, building on the practical experience of its member CAs and relying-party application software suppliers gained in the months since the first version was approved for use.

Creation of special UI indicators in browsers

Most major browsers created special user interface indicators for pages loaded via HTTPS secured by an EV certificate soon after the creation of the standard. This includes Google Chrome 1.0, Internet Explorer 7.0, Firefox 3, Safari 3.2 and Opera 9.5. [4] Furthermore, some mobile browsers, including Safari for iOS, Windows Phone, Firefox for Android, Chrome for Android, and iOS, added such UI indicators. Browsers with EV support typically display the validated identity, usually a combination of organization name and jurisdiction, contained in the EV certificate's 'subject' field.

In most implementations, the enhanced display includes:

By clicking on the lock symbol, the user can obtain more information about the certificate, including the name of the certificate authority that issued the EV certificate.

Removal of special UI indicators

In May 2018, Google announced plans to redesign the user interface of Google Chrome to remove the emphasis on EV certificates. [5] Chrome 77, released in 2019, removed the EV certificate indication from the omnibox, but EV certificate status can still be viewed by clicking on the lock icon and checking the legal entity name listed as "issued to" under "certificate". [6] Firefox 70 removed the distinction in the omnibox or URL bar (EV and DV certificates are displayed similarly, with just a lock icon), but the details about the certificate's EV status remain accessible in the more detailed view that opens after clicking on the lock icon. [7]

Apple Safari on iOS 12 and MacOS Mojave (released in September 2018) removed the visual distinction of EV status. [1]

Issuing criteria

Only CAs who pass an independent qualified audit review may offer EV, [8] and all CAs globally must follow the same detailed issuance requirements which aim to:

With the exception [9] of Extended Validation Certificates for .onion domains, it is not possible to obtain a wildcard Extended Validation Certificate; instead, every fully qualified domain name must be included in the certificate and inspected by the certificate authority. [10]

Extended Validation certificate identification

EV certificates are standard X.509 digital certificates. The primary way to identify an EV certificate is by referencing the Certificate Policies (CP) extension field. The CP extension lists a policy object identifier (OID) for each policy the certificate was issued under, and the presence of an EV policy OID identifies an EV certificate. The CA/Browser Forum's EV OID is 2.23.140.1.1. [11] Other EV OIDs may be documented in the issuer's Certification Practice Statement. As with root certificate authorities in general, browsers may not recognize all issuers.

EV HTTPS certificates contain a subject with X.509 OIDs for jurisdictionOfIncorporationCountryName (OID: 1.3.6.1.4.1.311.60.2.1.3), [12] jurisdictionOfIncorporationStateOrProvinceName (OID: 1.3.6.1.4.1.311.60.2.1.2) (optional), [13] jurisdictionLocalityName (OID: 1.3.6.1.4.1.311.60.2.1.1) (optional), [14] businessCategory (OID: 2.5.4.15) [15] and serialNumber (OID: 2.5.4.5), [16] with the serialNumber pointing to the ID at the relevant secretary of state (US) or government business registrar (outside US).
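The identification described above, as an added example that is not part of the article: it reads the certificatePolicies extension for the CA/Browser Forum EV OID and pulls the EV subject attributes, using the Python `cryptography` package. Both certificates are constructed, self-signed samples; the second carries the CA/Browser Forum DV policy OID 2.23.140.1.2.1 (not mentioned in the article) so the check has something to reject.

```python
"""EV markers from the article: the CA/Browser Forum policy OID in certificatePolicies
and the EV subject attributes. Uses the 'cryptography' package; samples are constructed."""
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID, ObjectIdentifier

EV_POLICY_OID = ObjectIdentifier("2.23.140.1.1")    # CA/Browser Forum EV OID (from the article)
DV_POLICY_OID = ObjectIdentifier("2.23.140.1.2.1")  # CA/Browser Forum DV OID, used only for contrast
EV_SUBJECT_OIDS = {                                 # subject attributes listed in the article
    "jurisdictionOfIncorporationCountryName": NameOID.JURISDICTION_COUNTRY_NAME,  # 1.3.6.1.4.1.311.60.2.1.3
    "jurisdictionOfIncorporationStateOrProvinceName": NameOID.JURISDICTION_STATE_OR_PROVINCE_NAME,
    "jurisdictionLocalityName": NameOID.JURISDICTION_LOCALITY_NAME,
    "businessCategory": NameOID.BUSINESS_CATEGORY,  # 2.5.4.15
    "serialNumber": NameOID.SERIAL_NUMBER,          # 2.5.4.5
}

def policy_oids(cert: x509.Certificate) -> list[str]:
    """Dotted policy OIDs from certificatePolicies; [] when the extension is absent."""
    try:
        ext = cert.extensions.get_extension_for_class(x509.CertificatePolicies)
    except x509.ExtensionNotFound:
        return []
    return [p.policy_identifier.dotted_string for p in ext.value]

def has_ev_policy(cert: x509.Certificate) -> bool:
    """Structural check only: browser EV status also needs a chain to a root trusted for EV."""
    return EV_POLICY_OID.dotted_string in policy_oids(cert)

def ev_subject_fields(cert: x509.Certificate) -> dict[str, str]:
    """EV subject attributes present in the certificate, keyed by their attribute name."""
    fields = {}
    for name, oid in EV_SUBJECT_OIDS.items():
        attrs = cert.subject.get_attributes_for_oid(oid)
        if attrs:
            fields[name] = str(attrs[0].value)
    return fields

def make_sample(subject: list[x509.NameAttribute], policy: ObjectIdentifier) -> x509.Certificate:
    """Constructed self-signed sample (not issued by any CA) carrying one policy OID."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name(subject)
    now = datetime.datetime.now(datetime.timezone.utc)
    return (x509.CertificateBuilder().subject_name(name).issuer_name(name)
            .public_key(key.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=30))
            .add_extension(x509.CertificatePolicies([x509.PolicyInformation(policy, None)]), critical=False)
            .sign(key, hashes.SHA256()))

EV_SAMPLE = make_sample([
    x509.NameAttribute(NameOID.COMMON_NAME, "example.com"),
    x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Example Corp"),
    x509.NameAttribute(NameOID.JURISDICTION_COUNTRY_NAME, "US"),
    x509.NameAttribute(NameOID.JURISDICTION_STATE_OR_PROVINCE_NAME, "Delaware"),
    x509.NameAttribute(NameOID.BUSINESS_CATEGORY, "Private Organization"),
    x509.NameAttribute(NameOID.SERIAL_NUMBER, "1234567"),  # placeholder registrar ID
], EV_POLICY_OID)
DV_SAMPLE = make_sample([x509.NameAttribute(NameOID.COMMON_NAME, "example.com")], DV_POLICY_OID)

if __name__ == "__main__":
    for label, cert in (("EV sample", EV_SAMPLE), ("DV sample", DV_SAMPLE)):
        print(label, policy_oids(cert), has_ev_policy(cert), ev_subject_fields(cert))
```

For a real certificate, load it with `x509.load_der_x509_certificate` or `x509.load_pem_x509_certificate` and pass it to the same functions; a positive result only means the issuer asserted the EV policy, not that a browser will show EV status for it.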

Online Certificate Status Protocol

The criteria for issuing Extended Validation certificates do not require issuing certificate authorities to immediately support Online Certificate Status Protocol for revocation checking. However, the requirement for a timely response to revocation checks by the browser has prompted most certificate authorities that had not previously done so to implement OCSP support. Section 26-A of the issuing criteria requires CAs to support OCSP checking for all certificates issued after Dec. 31, 2010.

Criticism

Colliding entity names

Legal entity names are not unique, so an attacker who wants to impersonate an entity might incorporate a different business with the same name (but, e.g., in a different state or country), obtain a valid certificate for it, and then use the certificate to impersonate the original site. In one demonstration, a researcher incorporated a business called "Stripe, Inc." in Kentucky and showed that browsers displayed it similarly to the certificate of the payment processor "Stripe, Inc." incorporated in Delaware. The researcher claimed the demonstration setup took about an hour of his time, US$100 in legal costs and US$77 for the certificate. He also noted that "with enough mouse clicks, [user] may be able to [view] the city and state [where entity is incorporated], but neither of these are helpful to a typical user, and they will likely just blindly trust the [EV certificate] indicator". [17]

Availability to small businesses

Since EV certificates are being promoted and reported [18] as a mark of a trustworthy website, some small business owners have voiced concerns [19] that EV certificates give undue advantage to large businesses. The published drafts of the EV Guidelines [20] excluded unincorporated business entities, and early media reports [19] focused on that issue. Version 1.0 of the EV Guidelines was revised to embrace unincorporated associations as long as they were registered with a recognized agency, greatly expanding the number of organizations that qualified for an Extended Validation Certificate.

Effectiveness against phishing attacks with IE7 security UI

In 2006, researchers at Stanford University and Microsoft Research conducted a usability study [21] of the EV display in Internet Explorer 7. Their paper concluded that "participants who received no training in browser security features did not notice the extended validation indicator and did not outperform the control group", whereas "participants who were asked to read the Internet Explorer help file were more likely to classify both real and fake sites as legitimate".

Domain-validated certificates were created by CAs in the first place

While proponents of EV certificates claim they help against phishing attacks, [22] security expert Peter Gutmann states that the new class of certificates restores CAs' profits, which were eroded by the race to the bottom among issuers in the industry. According to Gutmann, EV certificates are not effective against phishing because they are "not fixing any problem that the phishers are exploiting". He suggests that the big commercial CAs introduced EV certificates to return to the old high prices. [23]


References

  1. "Google, Mozilla: We're changing what you see in Chrome, Firefox address bars". ZDNET. Retrieved 2023-07-27.
  2. "EV SSL Certificate Guidelines". 31 August 2013.
  3. "How Can We Improve Code Signing?". eWEEK. 9 May 2008.
  4. "What browsers support Extended Validation (EV) and display an EV indicator?". Symantec. Archived from the original on 2015-12-31. Retrieved 2014-07-28.
  5. "Google Chrome: removal of Secure and HTTPS indicators". Ghacks. 18 May 2018. Retrieved 2021-06-15.
  6. Abrams, Lawrence (11 September 2019). "Chrome 77 Released With Removed EV Certificate Indicator". Bleeping Computer. Retrieved 2021-06-14.
  7. "Improved Security and Privacy Indicators in Firefox 70". Mozilla Security Blog. 15 October 2019. Retrieved 2019-10-17.
  8. "Audit Criteria". October 2013.
  9. "Ballot 144 – Validation rules for .onion names; Appendix F section 4". CA/Browser Forum. 18 February 2015. Retrieved 6 March 2017.
  10. "Guidelines For The Issuance And Management Of Extended Validation Certificates, Version 1.5.2" (PDF). CA/Browser Forum. 2014-10-16. p. 10. Retrieved 2014-12-15. Wildcard certificates are not allowed for EV Certificates.
  11. "Object Registry". 16 October 2013.
  12. "OID repository - 1.3.6.1.4.1.311.60.2.1.3 = {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 311 ev(60) 2 1 jurisdictionOfIncorporationCountryName(3)}". oid-info.com. Retrieved 2019-07-31.
  13. "OID repository - 1.3.6.1.4.1.311.60.2.1.2 = {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 311 ev(60) 2 1 jurisdictionOfIncorporationStateOrProvinceName(2)}". oid-info.com. Retrieved 2019-07-31.
  14. "OID repository - 1.3.6.1.4.1.311.60.2.1.1 = {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 311 ev(60) 2 1 jurisdictionOfIncorporationLocalityName(1)}". oid-info.com. Retrieved 2019-07-31.
  15. "OID repository - 2.5.4.15 = {joint-iso-itu-t(2) ds(5) attributeType(4) businessCategory(15)}". oid-info.com. Retrieved 2019-07-31.
  16. "OID repository - 2.5.4.5 = {joint-iso-itu-t(2) ds(5) attributeType(4) serialNumber(5)}". oid-info.com. Retrieved 2019-07-31.
  17. Goodin, Dan (2017-12-12). "Nope, this isn't the HTTPS-validated Stripe website you think it is". Ars Technica. Retrieved 2018-12-19.
  18. Evers, Joris (February 2, 2007). "IE 7 gives secure Web sites the green light". CNet. Retrieved 2010-02-27. The colored address bar, a new weapon in the fight against phishing scams, is meant as a sign that a site can be trusted, giving Web surfers the green light to carry out transactions there.
  19. Richmond, Riva (December 19, 2006). "Software to Spot 'Phishers' Irks Small Concerns". The Wall Street Journal. Archived from the original on April 15, 2008. Retrieved 2010-02-27.
  20. "Guidelines For The Issuance and Management Of Extended Validation Certificates" (PDF). www.cabforum.org. Archived from the original (PDF) on February 29, 2012.
  21. Jackson, Collin; Daniel R. Simon; Desney S. Tan; Adam Barth. "An Evaluation of Extended Validation and Picture-in-Picture Phishing Attacks" (PDF). Usable Security 2007.
  22. "Common Questions About Extended Validation EV SSL". DigiCert, Inc. Retrieved 15 May 2013.
  23. Gutmann, Peter (2014). Engineering Security (PDF). p. 73. Retrieved 13 March 2015.