| Publisher | Black Hat | ||
|---|---|---|---|
| Format | 731.2KB PDF | Date added | 01 Jul 2009 |
| Topics | PKI, SSL - TLS | ||
| Downloads | 1 | ||
One of the attributes that the paper discusses is the type of SSL certificate presented by a web server when negotiating a secure connection. Modern web browsers support both Domain Validated (DV) and Extended Validation (EV) SSL certificates. EV SSL certificates were created to combat phishing and other web based spoofing attacks which succeed in spite of the DV SSL model for web site identification. The EV SSL model improves upon the DV model in two ways. First, certificate authorities enforce a more thorough off-line validation process in order to more accurately identify the agent requesting the certificate as the owner of the domain which the certificate is for.
Did you find this white paper useful?
3 out of 5 users found this white paper useful
Related white papers
Data Security Mythbusters: Public Key Infrastructure (PKI)
In today's business environment, enterprises must work even harder than before to protect one of their most valuable assets - their information. When facing the pressures of regulatory oversight, email...
Why Outsourcing Your PKI Provides the Best Value: A Total Cost of Ownership Analysis
Once one conclude that one needs a certificate to exchange information online securely, turn on the security inherent in existing applications, or authenticate to users, computers, VPN, the Web, or...
PKI and UDDI Based Trust Centre: An Attempt to Improve Web Service Security
Nowadays Internet becomes the most used tool for the ever increasing amount of various transactions between institutions, organizations and more generally between clients and providers. Conducted studies and experiments showed...
VeriSign PKI-Based Certificates Are Rock Solid: From the Tumultuous Launch of the Integrated Cargo System to Today
Representing 250 customs brokers and freight forwarding businesses in Australia, the Customs Brokers and Forwarders Council of Australia Inc. (CBFCA) is an industry association that represents members' interests in various...
The PKI Authentication System With the Integration of Biometric Identification and Nonsymmetric Key Technology
To deal with the threats to the PKI authentication system from the internet and the real world, based on the analysis of biometric identification and nonsymmetric key technology, this paper...
Earth System Grid Authentication Infrastructure: Integrating Local Authentication, OpenID and PKI
Climate scientists face a wide variety of practical problems, but there exists an overarching need to efficiently access and manipulate climate model data. Increasingly, for example, researchers must assemble and...
Centrally Managing Trust, Security & Compliance in Educational Institutions
A University with a continuously expanding number of web-enabled applications, servers and internet/networking arrangements was acquiring hundreds of SSL certificates each year. Multiple IT project leaders were independently sourcing digital...
