Extended Validation SSL



Similar documents
Extended Validation SSL

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

VERISIGN OPENHYBRID CLOUD SIGNALLING API SPECIFICATION

Certification Exam or Test shall mean the applicable certification test for the particular product line or technology for which You have registered.

Certification Practice Statement of CERTUM s Certification Services

Provider secure web portal & Member Care Information portal Registration Form

FAX-TO- END-USER LICENSE AGREEMENT

Web Site Development Agreement

Terms of Service. Your Information and Privacy

TRADEMARK AND DOMAIN NAME AGREEMENT

Capitalized terms not defined below shall have the meaning given to them in the applicable CP/CPS, unless the context requires otherwise.

Dennemeyer & Associates Terms and Conditions for Trademark Clearinghouse Services

Rethinking Schools Limited Institutional Site License

Canadian Pharmaceutical Distribution Network Certificate Authority Services Agreement. In this document:

This Agreement (herein after called "Agreement") is made on the day of, 20 in by and between:

This is a legal agreement ("Agreement") between the undersigned (either an individual or an entity)

Gandi CA Certification Practice Statement

TEXTURA AUSTRALASIA PTY LTD ACN ( Textura ) CONSTRUCTION PAYMENT MANAGEMENT SYSTEM TERMS AND CONDITIONS OF USE

Domain Registration Agreement

SOFTWARE USAGE AGREEMENT (SUA)

TERMS AND CONDITIONS OF

.uk Registration Agreement

Real Estate Agent Website Linking Agreement

"Certification Authority" means an entity which issues Certificates and performs all of the functions associated with issuing such Certificates.

Clearinghouse Validation Terms and Conditions for Trademark Agents

ELECTRONIC TRADING FACILITIES SUPPLEMENTAL TERMS AND CONDITIONS OF TRADING

The name of the Contract Signer (as hereinafter defined) duly authorized by the Applicant to bind the Applicant to this Agreement is.

Online Study Affiliate Marketing Agreement

ECLIPSE FOUNDATION, INC. MEMBERSHIP AGREEMENT

ADP Ambassador / Referral Rewards Program Terms and Conditions of Use

OFFICE OF INSURANCE REGULATION Company Admissions

Provider Web Portal Registration Form

EV Multi-Domain Certificate Enrollment Guide

Acquia Certification Program Agreement

MTS GUI LICENCE SCHEDULE TO. MTS Data Terms & Conditions End Customer; or. MTS and EuroMTS Membership Documentation; or. MTS Registered ISV Agreement

(This agreement is in rich text format and appears in a scrolling text box once you ve reached

ADP Ambassador /Referral Rewards Program. Terms and Conditions of Use

SMARSH WEBSITE & HOSTING REPRESENTATIVE TERMS & CONDITIONS

Thawte SSL Certificate Enrollment Guide

TERMS OF USE FOR NOTARIAL PERSONAL REPRESENTATION CERTIFICATES FOR AUTHENTICATION

International Payment Service Terms and conditions

Amazon Trust Services Certificate Subscriber Agreement

DEFINITIONS. "this web site" means "user" means any person accessing any part of this web site DISCLAIMER

d. Members shall not conduct their business in a manner which tends to bring either BRBA or the BMF or its membership into disrepute.

LET S ENCRYPT SUBSCRIBER AGREEMENT

ARTL PKI. Certificate Policy PKI Disclosure Statement

CENTRAL SAVINGS BANK BUSINESS INTERNET BANKING AGREEMENT

CENTURY 21 CANADA LIMITED PARTNERSHIP WEBSITE TERMS OF USE

Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States

Getting Started with PayPal Manager

Janison Terms and Conditions. Updated Jan 2013

Ford Motor Company CA Certification Practice Statement

A R T I C L E S O F A S S O C I A T I O N M A R E L H F.

If you are in full agreement with the document, kindly return the signature page at the end of the documents

How To Write A Contract Between College And Independent Contractor

EuropeanSSL Secure Certification Practice Statement

Covered California. Terms and Conditions of Use

ARCH CAPITAL ADVISORS

Entrust Certificate Services Subscription Agreement

AMERICAN INSTITUTES FOR RESEARCH OPEN SOURCE SOFTWARE LICENSE

REMOVE THIS COVER PAGE WHEN DOCUMENT IS READY FOR REVIEW AND SIGNATURE.

RELOCATEYOURSELF.COM B.V - TERMS OF USE OF SERVICES

Entrust Adobe CDS Individual Certificate

If a Client and a Freelancer enter an independent contractor relationship, then this Freelancer Agreement ( Freelancer Agreement ) will apply.

Automatic Recurring Payment Application

Trademark, Domain Name and Social Media Assignment and Transfer Agreement

MERCHANT SERVICES, LEASING AND OPERATING AGREEMENT. ( Blackboard ). In this Agreement, the words; BbOne Card means a stored-value account

ENOM, INC. REGISTRATION AGREEMENT

New Security Features

RapidSSL Subscriber Agreement

EXHIBIT 1 Standard Contract Addendum

Technical Certificates Overview

DIcentral CORPORATION Online Subscriber Service Agreement

Website terms and conditions: services to consumers, payment online. Trading terms and conditions of Raise A Tree Ltd.

TrademarkAuthority Legal Services Engagement Agreement

Certification Practice Statement for Extended Validation Certificates

Non-Proprietary User Agreement BETWEEN

LET S ENCRYPT SUBSCRIBER AGREEMENT

Attachment C - Commercial Card Classic Application & Agreement l JPMORGAN CHASE BANK, N.A. V 1.0_04_27_11

DOMAIN NAME TERMS. Jonathan Neale

CO-MARKETING AGREEMENT

Web Drive Limited STANDARD TERMS AND CONDITIONS FOR THE SUPPLY OF SERVICES

1. The following terms and conditions apply to the domain registration Service: 1. You acknowledge and recognize that the domain name system and the

How To Use Merrimack Web Site

TERMS and CONDITIONS OF USE - NextSTEPS TM

1.1 Certain software, known as SOFTWARE, was developed at STANFORD with grant support from the U.S. Government.

1. Definitions: The capitalized terms used in this Agreement shall have the following meanings unless otherwise specified:

Purchase Order Terms and Conditions

Fuel Express Commercial Fleet Card Application

Non-Proprietary User Agreement No. NPUSR00xxxx SAMPLE BETWEEN

CONSULTING SERVICES AGREEMENT

Transcription:

AUTHENTICATION GUIDE Extended Validation SSL Authentication Requirements VeriSign, Inc.

Copyright 2006 VeriSign, Inc. All rights reserved. The information in this document belongs to VeriSign. It may not be used, reproduced or disclosed without the written approval of VeriSign. DISCLAIMER AND LIMITATION OF LIABILITY VeriSign, Inc. has made efforts to ensure the accuracy and completeness of the information in this document. However, VeriSign, Inc. makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. VeriSign, Inc. assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document. Further, VeriSign, Inc. assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. VeriSign Inc. reserves the right to make changes to any information herein without further notice. TRADEMARKS VeriSign, the VeriSign logo, VeriSign Trust Network, and other trademarks, service marks, and logos are registered or unregistered trademarks of VeriSign and its subsidiaries in the United States and in foreign countries. Other trademarks and service marks in this document are the property of their respective owners. 2 VeriSign, Inc.

Table of Contents 1. Overview of Extended Validation Requirements... 4 Authentication Requirements Summary... 4 Managed PKI for SSL Customers... 4 2. Submitting the Acknowledgement of Agreement... 4 Managed PKI for SSL... 4 3. Submitting a Lawyer Opinion Letter... 5 Managed PKI for SSL... 5 4. Organization Authentication Requirements... 5 5. Domain Authentication Requirements... 6 6. Organizational Contact Authentication Requirements... 6 7. Order Verification Requirements... 7 8. Related Links... 8 A. Acknowledgement of Agreement for VeriSign Extended Validation SSL Certificates... 9 B. Acknowledgement of Agreement for VeriSign Managed PKI for SSL Extended Validation SSL Certificates... 10 C. Lawyer Opinion for VeriSign Extended Validation SSL Certificates... 11 D. Lawyer Opinion for VeriSign Managed PKI for SSL Extended Validation SSL Certificates... 13 VeriSign, Inc. 3

1. Overview of Extended Validation Requirements Extended Validation (EV) SSL Certificates help achieve the highest level of consumer trust through the strictest authentication standards of any SSL certificate. Extended Validation authentication guidelines require VeriSign to obtain and verify multiple pieces of identifying information about EV SSL Certificate applicants. To ensure your EV SSL Certificate request is processed quickly, review and provide the authentication documents described below. Authentication Requirements Summary 1. Have the Organizational Contact (identified in the EV certificate order) sign and submit the appropriate Acknowledgement of Agreement form. 2. For faster order authentication, complete and submit the appropriate Lawyer Opinion letter. 3. Review all other authentication requirements to ensure your order can be expediently processed. Managed PKI for SSL Customers If you are a Managed PKI for SSL account holder requesting VeriSign to enable Extended Validation for your account, make sure you use the appropriate forms for Managed PKI for SSL and submit them to the correct fax number or email address. 2. Submitting the Acknowledgement of Agreement REQUIRED: Your Organizational Contact must acknowledge and sign the Acknowledgement of Agreement and fax or mail it to VeriSign. IMPORTANT! VeriSign cannot begin processing your order until the signed Acknowledgement of Agreement form is received. The Acknowledgement of Agreement is found on page 9. Fax or email the signed form to: 1-650-961-8870 support@verisign.com Managed PKI for SSL For Managed PKI for SSL accounts, use the Acknowledgement of Agreement form found on page 10 and fax or email the signed form to: 1-650-237-8892 enterprise-authentication@verisign.com 4 VeriSign, Inc.

3. Submitting a Lawyer Opinion Letter Extended Validation SSL Authentication Requirements To facilitate order processing, complete and submit the Lawyer Opinion letter. The Lawyer Opinion letter verifies certificate and organization details and enables faster issuance of your certificate. IMPORTANT! The Lawyer Opinion letter is the simplest and most expedient method to provide required verification information. If this verification information is not provided through the Lawyer Opinion Letter, it must be provided through other means (described below). VeriSign must be able to confirm the following regarding the Lawyer Opinion letter: + The letter must be from a lawyer, solicitor, barrister, advocate, or equivalent licensed to practice law in the country of the requesting organization s jurisdiction of incorporation, or in any jurisdiction where the organization maintains an office or physical facility. + VeriSign must be able to verify with the appropriate authority that the lawyer is registered in the appropriate jurisdiction. + VeriSign must be able to verify the opinion letter directly with the lawyer. The Lawyer Opinion letter is found on page 11. Fax or email the completed letter to: 1-650-961-8870 support@verisign.com Managed PKI for SSL For Managed PKI for SSL accounts, use the Lawyer Opinion letter found on page 13 and fax or email the signed letter to: 1-650-237-8892 enterprise-authentication@verisign.com 4. Organization Authentication Requirements To qualify for an Extended Validation SSL Certificate, the organization requesting the certificate must be registered as a corporation or equivalent with the appropriate government agency in its country of jurisdiction. VeriSign must be able to confirm all of the following organizational registration requirements: + Official government agency records must include: + The organization s registration number or the organization s date of registration/incorporation. + The organization s registered address (or the address of the organization s registered agent). VeriSign, Inc. 5

+ A non-government data source (such as Dun & Bradstreet) must include the organization s place of business address (as identified in the order.) + If the organization has been registered for less than 3 years, VeriSign must verify operational existence through one of the following means: + Through a non-government data source (such as Dun & Bradstreet) - or - + By verifying the organization has an active demand deposit account (such as a checking account) with a regulated financial institution through a lawyers opinion letter or directly with the financial institution. 5. Domain Authentication Requirements To qualify for an Extended Validation SSL Certificate, domain registration details must reflect the full organization name as included on the certificate request. + The domain must be registered with ICANN or IANA registrar (for CCTLDs). + A parent or subsidiary relationship does not represent sufficient proof of ownership of the domain name. Domain registration details must be updated to reflect the organization name as included on the certificate request. + Where domain registration is not updated to reflect the organization name as identified on the certificate request, a lawyer opinion regarding the organization s exclusive right to use the name is required, in addition to verifying this fact directly with the registered domain contact. + The Organizational Contact must confirm knowledge of the organization s domain ownership during the verification call. 6. Organizational Contact Authentication Requirements To qualify for an Extended Validation SSL Certificate, the Organizational Contact identified in the certificate request must be employed by the requesting organization and have appropriate authority to obtain and delegate Extended Validation certificate responsibilities. Note: Employment and authorization cannot be verified through the organization s Web site. Note: If the Organizational Contact identified in the certificate request is listed in government records as a corporate officer (such as Secretary, President, CEO, CFO, COO, CIO, CSO, Director, or equivalent), then the Organizational Contact s employment and authorization are deemed approved. VeriSign must be able to confirm all of the following Organizational Contact requirements: 6 VeriSign, Inc.

+ Organizational Contact s identity, title, and employment through an independent source. + Organizational Contact is authorized to obtain and approve EV certificates on behalf of the Organization and to delegate this authority to others. This can be verified through one of the following methods: + A Lawyer Opinion letter + A Corporate Resolution letter + Directly contacting the CEO, COO, or similar executive at the Organization to confirm the authority of the Organizational Contact. If no public records are available regarding the CEO, COO, or other executive, VeriSign will contact the Organization s human resources department for contact details. 7. Order Verification Requirements As part of processing an Extended Validation SSL Certificate, VeriSign must verify the certificate request and all certificate details with the Organizational Contact identified in the certificate request. VeriSign must contact the Organizational Contact using an independently-obtained telephone number (not the telephone number provided in the order). VeriSign will obtain the telephone number through one of the following methods: + By researching qualified telephone databases to find a telephone number. Ensure your Organization s primary telephone number is listed in a public telephone directory. + As provided in a Lawyer Opinion letter. + As confirmed during a site visit conducted by VeriSign. During the verification call, VeriSign must verify the following with the Organizational Contact: + The name of the technical contact (or Managed PKI administrator) identified in the certificate request and his or her authority to obtain the Extended Validation certificate on behalf of the Organization. + If applicable, the Managed PKI administrator s authority to delegate Extended Validation responsibilities. + Knowledge of the Organization s ownership and right to use the domain identified in the certificate request. + Approval of the Extended Validation SSL Certificate request. + Acknowledgement of signature on the Acknowledgement of Agreement VeriSign, Inc. 7

8. Related Links For additional details on Extended Validation SSL and authentication requirements, go to: Extended Validation SSL FAQ at: http://www.verisign.com/ssl/ssl-information-center/faq/high-assurance-ssl.htm Guidelines for Extended Validation Certificates at: http://www.cabforum.org 8 VeriSign, Inc.

A. Acknowledgement of Agreement for VeriSign Extended Validation SSL Certificates Instructions This Acknowledgement of Agreement must be signed by the Organizational Contact for your EV certificate order, who is authorized by your Organization to approve EV certificate requests. VeriSign must independently verify the authority of the Organizational Contact. This signed Acknowledgement of Agreement must be submitted to VeriSign at: Fax: 1-650-961-8870 Email: support@verisign.com VeriSign cannot process your order until receipt of this signed Acknowledgement of Agreement. I, [Name of Organizational Contact], have read and confirm my acceptance, on behalf of [Organization Name], of the VeriSign SSL Certificate Subscriber Agreement version 4.0, which includes Extended Validation terms and conditions, a copy of which is available at: http://www.verisign.com/repository/agreements/serverclass3org.html Full name of Organizational Contact: Signature: Title: Date: Place of signing: VeriSign, Inc. 9

B. Acknowledgement of Agreement for VeriSign Managed PKI for SSL Extended Validation SSL Certificates Instructions This Acknowledgement of Agreement must be signed by the Organizational Contact for your EV certificate order, who is authorized by your Organization to approve EV certificate requests. VeriSign must independently verify the authority of the Organizational Contact. This signed Acknowledgement of Agreement must be submitted to VeriSign at: Fax: 1-650-237-8892 Email: enterprise-authentication@verisign.com VeriSign cannot process your order until receipt of this signed Acknowledgement of Agreement. I, [Name of Organizational Contact], have read and confirm my acceptance, on behalf of [Organization Name], of the VeriSign SSL Certificate Subscriber Agreement version 4.0, which includes Extended Validation terms and conditions, a copy of which is available at: http://www.verisign.com/repository/agreements/serverclass3org.html I further confirm that the following named employees of the Organization are duly authorized to act as administrators on the Organization s VeriSign Managed PKI for SSL account, with authority to request and/or approve EV SSL certificate applications on behalf on the Organization. They are also authorized to delegate this authority to others. The authority to delegate shall be valid until specifically revoked by the Organization. Name Email 1. (Required) 2. (Optional) 3. (Optional) 4. (Optional) 5. (Optional) Full name: Signature: Title: Date: Place of signing: 10 VeriSign, Inc.

C. Lawyer Opinion for VeriSign Extended Validation SSL Certificates To: Re: VeriSign, Inc, Fax: 1-650-961-8870 Email: support@verisign.com [May be sent by fax or email attachment] EV Certificate Order Number: <enter order number> Client: <Exact Organization Name of Client 1 > Organizational Contact: <Exact name of Organizational Contact who signed the Acknowledgement of Agreement> Instructions 1. This letter must be completed by your legal counsel, who must be properly registered with the appropriate authorizing agency of his or her jurisdiction. 2. If you are unable to attest to any fact below, you may indicate so by striking a line through the relevant section. 3. VeriSign will contact you to verify your legal opinion. I represent the Organization ( Client ) that has submitted the EV certificate order ( EV Certificate Order Number ) referenced above. I have been asked by my Client to present you with my opinion as stated in this letter. My opinion below is based on my familiarity with the relevant facts and the exercise of my professional judgment and expertise. [Optional: Insert customary preliminary matters for opinion letters in your jurisdiction.] On this basis, I hereby offer the following opinion: 1. [name of Organizational Contact] is employed by my Client as [enter job title], and has the necessary authority to act on behalf of my Client to: (a) Provide the information about my Client s organization that is required for issuance of the EV Certificate as referenced above (b) Request one or more EV Certificates and to designate other persons to request EV Certificates (c) Agree to the relevant contractual obligations contained in the VeriSign SSL Certificate Subscriber Agreement 1 This must be the Client s exact corporate name, as registered with the relevant Incorporating Agency in the Client s Jurisdiction of Incorporation. This is the name that will be included in the EV Certificate. VeriSign, Inc. 11

(d) Confirm ownership of domain(s) to be included in any EV Certificate order. 2. My Client has a physical presence and its principal place of business at the following location: Address : City: State: ZIP/Postal Code 3. My Client s telephone number(s) 2 where the Organizational Contact can be contacted telephonically is: [Area Code] [Number] 4. Client owns or has lawful right to use the domain name <Domain Name/s (optional) [Domain/s included in EV request] in identifying itself on the Internet. 5. Client has an active current Demand Deposit Account 3 with [name of institution], a regulated financial institution. [Optional: Insert customary limitations and disclaimers for opinion letters in your jurisdiction.] Name: Signature: Date: Jurisdiction(s) where admitted to practice: Contact information for the authorizing agency where VeriSign may verify your authority to practice law: 2 The telephone number(s) must be listed in a public telephone directory. 3 Demand Deposit Account: a deposit account held at a bank or other financial institution, the funds deposited in which are payable on demand. The primary purpose of demand accounts is to facilitate cashless payments by means of check, bank draft, direct debit, electronic funds transfer, etc. Usage varies among countries, but a demand deposit account is commonly known as: a checking account, a share draft account, a current account, or a checking account. 12 VeriSign, Inc.

D. Lawyer Opinion for VeriSign Managed PKI for SSL Extended Validation SSL Certificates To: VeriSign, Inc, Fax: 1-650-237-8892 Email: enterprise-authentication@verisign.com [May be sent by fax or email attachment] Client: <Exact Organization Name of Client 4 > Organizational Contact: <Exact name of Organizational Contact who signed the Acknowledgement of Agreement> Instructions 1. This letter must be completed by your legal counsel, who must be properly registered with the appropriate authorizing agency of his or her jurisdiction. 2. If you are unable to attest to any fact below, you may indicate so by striking a line through the relevant section. 3. VeriSign will contact you to verify your legal opinion. I represent the Organization ( Client ) that has submitted the EV certificate order ( EV Certificate Order Number ) referenced above. I have been asked by my Client to present you with my opinion as stated in this letter. My opinion below is based on my familiarity with the relevant facts and the exercise of my professional judgment and expertise. [Optional: Insert customary preliminary matters for opinion letters in your jurisdiction.] On this basis, I hereby offer the following opinion: 1. [name of Organizational Contact] is employed by my Client as [enter job title], and has the necessary authority to act on behalf of my Client to: (a) Provide the information about my Client s organization that is required for issuance of the EV Certificate as referenced above (b) Request one or more EV Certificates and to designate other persons to request EV Certificates (c) Agree to the relevant contractual obligations contained in the VeriSign SSL Certificate Subscriber Agreement (d) Confirm ownership of domain(s) to be included in any EV Certificate order. 4 This must be the Client s exact corporate name, as registered with the relevant Incorporating Agency in the Client s Jurisdiction of Incorporation. This is the name that will be included in the EV Certificate. VeriSign, Inc. 13

2. My Client has a physical presence and its principal place of business at the following location: Address : City: State: ZIP/Postal Code 3. My Client s telephone number(s) 5 where the Organizational Contact can be contacted telephonically is: [Area Code] [Number] 4. Client owns or has lawful right to use the domain name <Domain Name/s (optional) [Domain/s included in EV request] in identifying itself on the Internet. 5. Client has an active current Demand Deposit Account 6 with [name of institution], a regulated financial institution. [Optional: Insert customary limitations and disclaimers for opinion letters in your jurisdiction.] Name: Signature: Date: Jurisdiction(s) where admitted to practice: Contact information for the authorizing agency where VeriSign may verify your authority to practice law: 5 The telephone number(s) must be listed in a public telephone directory. 6 Demand Deposit Account: a deposit account held at a bank or other financial institution, the funds deposited in which are payable on demand. The primary purpose of demand accounts is to facilitate cashless payments by means of check, bank draft, direct debit, electronic funds transfer, etc. Usage varies among countries, but a demand deposit account is commonly known as: a checking account, a share draft account, a current account, or a checking account. 14 VeriSign, Inc.