SSL Assurance Levels

2017-07-28T14:17:05Z

Scottm: Created page with "'''Low-Assurance''' is the easiest to obtain (RapidSSL), and is often the cheapest. While encryption is theoretically the same for the Low-Assurance SSL as it is for the Very..."

'''Low-Assurance''' is the easiest to obtain (RapidSSL), and is often the cheapest. While encryption is theoretically the same for the Low-Assurance SSL as it is for the Very High-Assurance, the validation is not. In the case of Low-Assurance, you just prove you own the domain, or at the very least, are able to access certain portions that only the owner, or trusted members should be able to access.

'''Medium-Assurance''' SSL is similar to a Low-Assurance SSL in many aspects, however generally provides a seal you can place on your site (Similar to a seal that might say "Secured by GeoTrust Premium SSL" to show your validation publicly.

'''High-Assurance''' includes validation of your domain and business registration when issuing, and will not issue if there are inconsistencies. Due to the validation process being more rigorous they can take a little longer. These generally provide visitors with a higher degree of trust that your site is what you say it is.

'''Very High-Assurance''' would be Extended Validation Certificates (EV/GreenBar SSL), similar to what a bank or other major organization might use. PayPal is a good example of correctly utilizing a Very High-Assurance SSL. It will say your company name in the top left of the URL. This will instill the greatest amount of trust in a first time visitor.

[[File:EV_SSL.png]]

The above is an example of utilizing the EV SSL.

File:EV SSL.png

2017-07-28T14:15:14Z

Scottm:

Hostek.com Wiki - User contributions [en]

SSL Assurance Levels

File:EV SSL.png