World Library  
Flag as Inappropriate
Email this Article

Domain-validated certificate

Article Id: WHEBN0047747479
Reproduction Date:

Title: Domain-validated certificate  
Author: World Heritage Encyclopedia
Language: English
Subject: Key management, BREACH (security exploit), Botan (programming library), Certificate Transparency, Public key certificate
Collection: E-Commerce, Key Management, Public Key Infrastructure, Transport Layer Security
Publisher: World Heritage Encyclopedia
Publication
Date:
 

Domain-validated certificate

A domain-validated certificate (DV) is an X.509 digital certificate typically used for SSL where the identity of the applicant has been validated by proving some control over a DNS domain.[1][2]

Contents

  • Issuing Criteria 1
  • User Interface 2
  • Characteristics 3
  • References 4

Issuing Criteria

The sole criteria for a domain validated certificate is proof of control over a domain. Typically control over a domain is determined using one of the following:

  • Response to email sent to the email contact in the domain's whois details
  • Response to email sent to a well-known administrative contact in the domain, e.g. (admin@, postmaster@, etc.)
  • Publishing a DNS TXT record
  • Publishing a nonce provided by an automated certificate issuing system

A domain validated certificate is distinct from an Extended Validation Certificate in that this is the only requirement for issuing the certificate. In particular, domain validated certificates do not assure that any particular legal entity is connected to the certificate, even if the domain name may imply a particular legal entity controls the domain.

User Interface

Most web browsers may show a lock (typically in grey, rather than the green lock typically used for an Extended Validation Certificate) and a DNS domain name. A legal entity is never displayed, as Domain Validated certificates do not include a legal entity in their subject.

Mozilla Firefox and Safari show domain validated certificates with a grey lock.

Microsoft Edge displays domain validated certificates with a hollow grey lock.

Characteristics

As the low assurance requirements allow domain validated certificates to be issued quickly without requiring human intervention, domain validated certificates have a number of unique characteristics:

  • Domain validated certificates are used in automated SSL issuing systems.
  • Domain validated certificates are often cheap or free.

References

  1. ^ "Domain Validated SSL? Why We Don't Offer It". www.digicert.com. Retrieved 2015-09-07. 
  2. ^ "Domain Validated SSL Certificates". www.sslshopper.com. Retrieved 2015-09-07. 
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and USA.gov, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for USA.gov and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
 
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
 
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.
 


Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.