The Green Bar Called EV SSL

December 19, 2014 | By Editor 


Extended Validation Secure Sockets Layer (EV SSL) like many of its contemporaries in security technology, is a helpful standard in identity verification. EV SSL refers to a separate class of x.509 digital certificate specific for servers. It is developed by a voluntary organization called the CA/Browser Forum that is made up of certificate authorities(CAs)and browser vendors .

The Green Bar Called EV SSL

An aspect of EV SSL that makes it essential as a product and authoritative as a certificate is the clear and strict EV Guidelines for how CAs should verify the applicants for a certificate.

Another aspect of EV SSL mandates a change in Web browser behavior. The Web browser’s address bar turns green when viewing an EV SSL website. And there are other guidelines to make the name of the certificate holder easily noticeable.

Previously, checking the name of the certificate holder in earlier certificates and browsers was a complicated process.

So what is the significance of a Web browser address bar turning green?

  • Under EV SSL guidelines, it means that a high-profile document is signed by an EV SSL certificate that is signed by a reputed CA. But high-profile documents are not all that make up a Web page.
  • Pages of big businesses that buy EV SSL certificates are most often composed of elements from several domains, and the EV Guidelines does not mandate that all have EV certs.
  • For example, using IE 7 look at PayPAl’s home page. The top documents and certain important elements, like the logo of PayPal, have EV SSL certificates. But other elements on the Web page, such as some graphics, do not. Browse the main logo, you get a green bar; browse some of the less significant graphics, you do not.
  • With increasing awareness of SSL, next generation browsers that support EV SSL will turn a part of the whole address bar green unlike IE 7.
  • Apple appears to have zero plans for EV SSL support in its Safari browser. While Opera browser does not turn the whole address bar green unless the page elements have EV SSL certs.
  • Security researchers expect more browsers to be stricter about EV SSL. Websites that have high chances of being scammed or phished should really should adopt EV SSL.

A combined effort from users and vendors in adopting EV SSL would remove all sorts of vulnerabilities that could diminish a business its value.


Posted in EV SSL

Be Sociable, Share!

Leave a Comment


* fields are mandatory