It’s not as EV as ABC
Paddy’s back after a period of incarceration due to over-exuberant ethical hacking. I thought I’d mark my return with a blog post on security musings. I browsed to trust.hornbill.net and to my delight found that while I had been offline, the guys at Hornbill have installed a certificate on the trust web server.
This is not any old certificate – you can buy certificates very easily and cheaply online with little or no checking – but the one on trust.hornbill.net displays a pretty little green bar in the browser.
You’re probably thinking “nice, but so what?”. You may even be saying “I see one of those every time I visit my bank’s website”. Some of you may not have noticed this at all – outrageous!!
The type of certificate we have is called an Extended Validation (EV) SSL Certificate. The process of purchasing such a certificate is rather involved – you can read about it here http://www.geotrust.com/support/true-businessid/ev-validation-requirements/ – and quite rightly so, as it demonstrates a level of trust and security that you cannot achieve with ordinary SSL certificates. For us, it was worth the wait: we’re not a bank of course, but security is still paramount to us in everything we do. We wanted to demonstrate this to you, which is why we decided to go the extra mile and go EV.
So the next time you are browsing the web, do look out for SSL certificates. And should you look at other cloud-vendor sites, see whether they have an EV certificate. Bet they haven’t!