ARTICLES - The Infrastructure Behind VeriSign Digital Certificates from VeriSign, Inc.

Internet Infrastructure Registry Authentication Identity Messaging Content Delivery
You Are Here: US Home > So the world can > Articles > The Infrastructure Behind VeriSign Digital Certificates
 

ARTICLES

The Infrastructure Behind VeriSign Digital Certificates

In record numbers, consumers are heading to the Web to shop with ease while avoiding long lines, crowds, and jammed parking lots. According to the Nielson Company, online shopping on the day after Thanksgiving this year rose 10 percent over last year (as covered in a recent Marketwire release). And many such shoppers will be looking for signs of assurance that the sites they wish to shop on can be trusted. For this level of confidence, many will be keeping an eye out for the VeriSign Secured™ Seal, the most recognized trust mark on the Internet (TNS Research, August 2006), currently displayed on more than 91,000 sites across more than 145 countries, and viewed over a hundred million times a day. But did you know that VeriSign Secure Sockets Layer (SSL) Certificates are also supported by one of the most reliable, trusted infrastructures in existence today?

The VeriSign Secured Seal signals the presence of a VeriSign SSL Certificate, which encrypts the data traveling between the client and Web server so that it cannot be intercepted and used for ill intentions by an unauthorized party. In addition, holders of VeriSign SSL Certificates must pass through a rigorous authentication process to demonstrate that they are who they say they are.

Web surfers wishing to verify a VeriSign SSL Certificate, if they are running Internet Explorer 7 (IE 7), can take advantage of  VeriSign’s Online Certificate Status Protocol (OCSP) responder, which validates certificates in close to real time (In contrast, other trust marks are updated once or twice a day, and if such a certificate is revoked, a user might not know right away). If they are on a site that has deployed a VeriSign Extended Validation (EV) SSL Certificate, and the certificate is in good standing, the address bar in high security Web browsers—such as IE 7—will turn a shade of green; with VeriSign EV SSL Certificates, the VeriSign OCSP responder validates the certificate in the background.  EV SSL Certificates provide an additional level of confidence forthe visitor, further ensuring the safety of their online transaction. In addition, holders of VeriSign EV SSL Certificates are authenticated according to the industry’s most stringent authentication procedures.

To validate certificates in such a short time (usually in a fraction of a second), VeriSign’s OCSP responder leverages a highly scalable and reliable lookup engine, which currently processes 120 million transactions in a single day and has the capacity to facilitate many times that throughput. This is the same technology with which VeriSign has managed the world’s authoritative .com and .net root servers, which allows the fundamental daily operation of Web and email services, with 100% availability since 1998. Other SSL vendors may employ similar technology which must rely on a third party to support OCSP, as they do not have such an infrastructure already in place. By making use of its existing Internet infrastructure, VeriSign can manage OCSP lookups with little to no chance of timeout or failure. 

For more information, please visit the SSL Certificates section of the VeriSign Web site.

Infrastructure Insights

Current Articles
Imposter Web Sites: More Deceptive Than You Might Think
OpenID: Rx for Password Fatigue
  Leveraging Domain Name Data to Combat Phishing
  Accountability: How to Stop Internet Crime
Sign Up Now for this Email Newsletter >>