Domain-validated certificate

"Domain validation" redirects here. For the technique employed in Parallel SCSI, see Parallel SCSI § Ultra-3.

A domain-validated certificate (DV) is an X.509 digital certificate typically used for Transport Layer Security (TLS) where the identity of the applicant has been validated by proving some control over a DNS domain.[1][2]

Issuing criteria

The sole criterion for a domain-validated certificate is proof of control over a domain. Typically control over a domain is determined using one of the following:

A domain-validated certificate is distinct from an Extended Validation Certificate in that this is the only requirement for issuing the certificate. In particular, domain-validated certificates do not assure that any particular legal entity is connected to the certificate, even if the domain name may imply a particular legal entity controls the domain.

User interface

Most web browsers may show a lock (often in grey, rather than the green lock typically used for an Extended Validation Certificate) and a DNS domain name. A legal entity is never displayed, as domain-validated certificates do not include a legal entity in their subject.

Characteristics

As the low assurance requirements allow domain-validated certificates to be issued quickly without requiring human intervention, domain-validated certificates have a number of unique characteristics:

References

  1. "Domain Validated SSL? Why We Don't Offer It". www.digicert.com. Retrieved 2015-09-07.
  2. "Domain Validated SSL Certificates". www.sslshopper.com. Retrieved 2015-09-07.
This article is issued from Wikipedia - version of the 11/23/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.