Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


EV SSL Confusion
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

EV SSL Confusion

Mahfuz_SS_EHLMahfuz_SS_EHL Host Rep, Veteran

Hello,

In Google Chrome, I can see EV SSL shows Issued to: ABC Inc./Ltd. to some SSL but not all.

You can visit the following URLs with Chrome:

https://www.qualys.com/
https://www.paypal.com/
https://account.skrill.com/

You will see Issued to: Specific Company Name

But, if you visit: https://sectigo.com/

It's also EV, but no Issued to Remarks. All the above-mentioned URLs have Digicert EV SSL but the later has Sectigo EV. What is the reason behind it ? Shouldn't all the EV include Company Name by default ?

Regards.

Comments

  • RickBakkrRickBakkr Member, Patron Provider, LIR

    I do not see it right away on either of these sites - I suppose you aim at the old 'banner' with the issued to party.

    All certificates are issused to said companies when you take a closer look at the certificate used.

  • Mahfuz_SS_EHLMahfuz_SS_EHL Host Rep, Veteran

    @RickBakkr said:

    I do not see it right away on either of these sites - I suppose you aim at the old 'banner' with the issued to party.

    All certificates are issused to said companies when you take a closer look at the certificate used.

    https://prnt.sc/utmyhf
    https://prnt.sc/utmypu
    https://prnt.sc/utmyzl

  • its 2020, who cares about EV SSL?

  • @vovler said:
    its 2020, who cares about EV SSL?

    Banks that a moment ago said that the address must have a green padlock and the name of the bank right next to it on a green background.

  • hzrhzr Member

    @Hotmarer said: Banks that a moment ago said that the address must have a green padlock and the name of the bank right next to it on a green background.

    Green bar has not existed in over a year though

    Thanked by 1vovler
  • Mahfuz_SS_EHLMahfuz_SS_EHL Host Rep, Veteran

    Anyone have any idea on the query ? EV has importance on various factors. There is a fine line. While it's a payment gateway or a Bank, it's needed, we need to understand this.

  • RickBakkrRickBakkr Member, Patron Provider, LIR

    For me, Sectigo shows this too? They are all EVs.

    @Mahfuz_SS_EHL said: EV has importance on various factors. There is a fine line. While it's a payment gateway or a Bank, it's needed, we need to understand this.

    It has importance in the vision of corporates or security minded people. Random Jack won't notice the difference between a EV and a DV cert, albeit from Let's Encrypt. In fact: I wonder if they would even care to see the padlock on the top left...

  • @hzr said:

    @Hotmarer said: Banks that a moment ago said that the address must have a green padlock and the name of the bank right next to it on a green background.

    Green bar has not existed in over a year though

    On Android, there's a big 'ol green bar at the top while visiting LET! :D

    Thanked by 1raindog308
  • @hzr said:

    @Hotmarer said: Banks that a moment ago said that the address must have a green padlock and the name of the bank right next to it on a green background.

    Green bar has not existed in over a year though

    It depends on the browser. Some people use some strange and/or old versions.

  • @Mahfuz_SS_EHL said:
    Hello,

    In Google Chrome, I can see EV SSL shows Issued to: ABC Inc./Ltd. to some SSL but not all.

    You can visit the following URLs with Chrome:

    https://www.qualys.com/
    https://www.paypal.com/
    https://account.skrill.com/

    You will see Issued to: Specific Company Name

    But, if you visit: https://sectigo.com/

    It's also EV, but no Issued to Remarks. All the above-mentioned URLs have Digicert EV SSL but the later has Sectigo EV. What is the reason behind it ? Shouldn't all the EV include Company Name by default ?

    Regards.

    Really strange.
    Our EV SSL has been issued by Sectigo, the company name is shown in all browsers
    http://prnt.sc/uubfik

  • Mahfuz_SS_EHLMahfuz_SS_EHL Host Rep, Veteran

    @croweb_host said:

    @Mahfuz_SS_EHL said:
    Hello,

    In Google Chrome, I can see EV SSL shows Issued to: ABC Inc./Ltd. to some SSL but not all.

    You can visit the following URLs with Chrome:

    https://www.qualys.com/
    https://www.paypal.com/
    https://account.skrill.com/

    You will see Issued to: Specific Company Name

    But, if you visit: https://sectigo.com/

    It's also EV, but no Issued to Remarks. All the above-mentioned URLs have Digicert EV SSL but the later has Sectigo EV. What is the reason behind it ? Shouldn't all the EV include Company Name by default ?

    Regards.

    Really strange.
    Our EV SSL has been issued by Sectigo, the company name is shown in all browsers
    http://prnt.sc/uubfik

    Yes, yours one is issued by Sectigo & it shows in Chrome. Strange as always. May I know if you have got it issued directly from Sectigo or partner companies e.g. GGSSL/SSLs/CheapSSL etc. ??

  • @Mahfuz_SS_EHL said:

    @croweb_host said:

    @Mahfuz_SS_EHL said:
    Hello,

    In Google Chrome, I can see EV SSL shows Issued to: ABC Inc./Ltd. to some SSL but not all.

    You can visit the following URLs with Chrome:

    https://www.qualys.com/
    https://www.paypal.com/
    https://account.skrill.com/

    You will see Issued to: Specific Company Name

    But, if you visit: https://sectigo.com/

    It's also EV, but no Issued to Remarks. All the above-mentioned URLs have Digicert EV SSL but the later has Sectigo EV. What is the reason behind it ? Shouldn't all the EV include Company Name by default ?

    Regards.

    Really strange.
    Our EV SSL has been issued by Sectigo, the company name is shown in all browsers
    http://prnt.sc/uubfik

    Yes, yours one is issued by Sectigo & it shows in Chrome. Strange as always. May I know if you have got it issued directly from Sectigo or partner companies e.g. GGSSL/SSLs/CheapSSL etc. ??

    I am pretty sure - it's directly from Sectugo.
    Actually, we are Sectigo (ex Comodo) partner.
    Regards,

  • Greenbar does not exist anymore! I guess no one even does care of EV SSL nowadays!

  • I do see the company name in the menu though?

    https://imgur.com/UUjs75T

  • Mahfuz_SS_EHLMahfuz_SS_EHL Host Rep, Veteran
    edited October 2020

    @klikli said:
    I do see the company name in the menu though?

    https://imgur.com/UUjs75T

    Strange !

  • OMGOMG Member

    As far as I know, Sectigo's AAA root certificate does not include EV policies. It may not display the green bar properly on some browsers. However, when Secitigo issues a certificate, you can select USERTrust's root certificate, which will solve your problem (in windows only works in Windows 10). Also, in windows 7 will automatically cross over to the AAA root certificate and also will not display the green bar.
    Please correct me if there are any errors.

  • deankdeank Member, Troll

    EV was a money grab.

    End of.

  • Agreed. EV was a money grab.

    EV is what secure certificates should have always been. Or at least what purchased secure certificates should have been.

    At their heart, secure certificates provide nothing except encryption. And from that standpoint an EV certificate is really no better than a self-signed certificate (I suppose you can argue the potential for a MITM attack with self-signed, but that can likely be mitigated by using something like DANE in a DNS record... or if you just want to say a domain validated certificate).

    A second aspect of secure certificates was suppose to provide some level of verification - verifying that the website belongs to the business it says it belongs to and if that business is reputable. This would be especially useful for ecommerce sites, or websites that sell stuff. Verification like this technically isn't part of what a secure certificate offers. This was actually done with OV certificates, but since nothing changed on the display... nothing distinguished OV certificates from DV certificates... and thus EV certificates were born.

    But EV certificates were created too far into the life of the Internet and people just really didn't care at that point. Green bar, padlock, hell even no padlock, people don't care anymore. Security is always someone else's problem. People just assume their data is safe and if it turns out it's not, then it definitely wasn't their fault.

    The result is now you've got a hodge-podge of different behaviors depending on your OS and browser and how they display differences between self-signed, DV, OV, and EV certificates... which again just feeds the "I don't care" behavior of the general public.

Sign In or Register to comment.