Like Tree2Likes
  • 2 Post By hackerman1

Thread: The Special Power of Extended Validation Web Site Certificates

  1. #1
    hackerman1 is offline Senior Member
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default The Special Power of Extended Validation Web Site Certificates

    The Special Power of
    Extended Validation
    Web Site Certificates
    (If you are not using Internet Explorer,
    the "Green" REALLY means something!)


    • During our deep dive into web browser certificate technology for our Fingerprints page,

      we discovered something wonderful about Extended Validation (EV) certificates!



      Here's what we discovered:

      Even though GRC was already a web site with encrypted connections validated by extended validation (EV) security certificates, (note the special green coloration shown in the address bar of your browser), we (wrongly) assumed that this only meant that:



      • We had been required to prove, to an extra degree of certainty, that we really
        were who we claimed to be. (We were and are.)


      • That we would need to pay more for the privilege of having and displaying the
        green address bar. (We did and will.)


      • That the maximum duration of the identity authenticating certificate was shorter,
        so we'd have to go through all that rigamarole more often. (It is, and we will.)


      • But that it wasn't, otherwise, in any other way, different from regular web site
        security certificates
        . . . and THAT'S where we were very, wonderfully, wrong!

      The HTTPS Fingerprints page explains carefully how and why a regular web site's SSL/TLS security certificate CAN be readily (and too easily) spoofed.
      But it turns out that . . .

    Extended Validation certificates are COMPLETELY SPOOF PROOF !
    (Unless you're using Internet Explorer)

    Read the full story here:https://www.grc.com/ssl/ev.htm
    HappyAndyK and Matrix like this.

  2. #2
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,430

    Default

    It was black in IE but Green in Firefox. Looks like a good read. Thanks for this!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Log in

Log in

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22