Abdulhayoglu: Yellow Padlock Losing Meaning

Jersey City, NJ, July 02, 2009 - "The yellow padlock is losing its meaning as a trust indicator," said Melih Abdulhayoglu, CEO of Comodo.

Online businesses should establish more trust than simple domain validation can offer. Abdulhayoglu stated that domain validation means the certificate authority has checked only to see if the certificate holder controls the domain and not whether the certificate holder is a legal entity.

On the Internet, SSL certificates are used as the basis for encryption algorithms. Internet browsers display a yellow padlock if they detect that the transmission is encrypted, regardless of whether the site has a domain validated or higher assurance certificate.

Domain validation (DV) certificates omit the step of validating the legal existence of the applicant. Organizational validation (OV) certificates mean that the issuer has checked both the domain name and the legal existence.

One reason why the Certificate Authority/Browser (CA/B) Forum came up with an Extended Validation (EV) SSL certificate was to add additional assurances to the information displayed in a certificate. These additional assurances are required by guidelines established by the CA/B Forum, of which Abdulhayoglu is a co-founder. When most browsers detect an EV SSL certificate, they display a green address bar for encrypted transmissions.

Sites with DV certificates display golden padlocks, which may lead a consumer to believe that a higher level of authentication was performed.

Because the type of validation a certificate may receive varies greatly both by certificate type and by certificate authority, the golden padlock can mean different things to different people. Global industry standards should be enacted to require certain minimum validation prior to showing the golden padlock. This way the padlock acts as a trust indicator of the merchant rather than a simple symbol of encryption.

Comodo is the second-largest issuer of high assurance digital certificates, including organization-validated and EV SSL. For a video of Melih Abdulhayoglu's opinion on domain-validated SSL certificates, please visit ComodoVision
COMODO CA

Comodo CA, Ltd., is the world's second-largest issuer of high-assurance digital certificates, providing online communications unreadable to anyone but the sender and the recipient.

Comodo CA, Ltd., provides cost-effective solutions that protect online information. Digital certificates enable secure sockets layer (SSL) communications, unreadable to anyone but the sender and the recipient. Code-signing certificates ensure that software is not tampered with.

Patent-pending Comodo CA technology enables Internet users to send encrypted emails without exchanging public keys beforehand,

Continual innovation, a core competence in digital encryption, and a commitment to halting Internet crime distinguish the Comodo companies. The Comodo companies secure and authenticate online transactions and communications for over 200,000 business customers, and it has over 15,000,000 installations of desktop security products.

Comodo CA, Ltd., -- Creating Trust Online™. For more information, visit Comodo's website.

For more information, reporters and analysts may contact:
Comodo -- Creating Trust Online®
Email: media-relations@comodo.com
+1 (201) 963 0004 x4073

This release was published on openPR.