Does your small business need a legal opinion in connection with the issuance of an EV SSL Certificate? If so, our attorneys are experienced with the process and can help your business through the process by providing a verified legal opinion.
What is an EV SSL Certificate?
You may be asking yourself, what exactly is an EV SSL certificate and how can my business benefit from obtaining an EV SSL certificate?
In 2006, a group of browser vendors and SSL Certificate Authorities (CAs) approved standard practices for certificate validation and display called the “Extended Validation Standard”. To issue an SSL Certificate that complies with the standard, a CA must adopt the extended certificate validation practice and pass an audit. The validation process often requires the CA to, among other things, seek an attorney prepared SSL Certificate legal opinion as to certain information pertinent to the identity of the party requesting the SSL Certificate.
Extended Validation (or EV) SSL Certificates are a type of SSL Certificate intended to give the users of your website a sense of security by giving them confidence in your identity. SSL Certificates achieve this by toggling certain distinct features in modern web browsers that implement certain security features (see Figure 1). The presence of these browser security features helps to assure that your customers (or clients) are viewing your business’ website and not a counterfeit website fraudulently constructed to imitate your website and steal confidential information.
Although browser security features differ slightly across browser software choice and operating system, sites with a valid EV SSL certificate typically exhibit security characteristics such as: (1) a green browser bar and/or green text, (2) a security lock icon followed by the identity of the publisher, (3) and a website designator that begins with “https” instead of “http”. Over time, all of the above described security features have become commonly associated with a “secure web site”.
Figure 1: An example of EV SSL Certificate security characteristics in four Windows based web browsers: (1) Internet Explorer, (2) Mozilla Firefox, (3) Google Chrome, and (4) Opera.
What types of entities are eligible to receive an EV SSL Certificate?
A governing body called the Certification Authority/Browser Forum (for short, the CA/Browser Form) proscribes the types of legal entities that are eligible to obtain EV SSL Certificates. Although it used to be that only corporations were eligible, under revised criteria, the following entities are eligible, provided they are currently registered with and approved by an official and verifiable registration agency in their jurisdiction:
- Limited Liability Companies (LLCs)
- General partnerships
- Sole proprietorship
- Unincorporated associations
Requirements of an EV SSL Certificate Legal Opinion
When requesting an EV SSL Certificate, often times the issuer will request a legal opinion letter to confirm that the requester has the requisite legal authority to obtain an EV SSL Certificate(s) on behalf of the company.
Although the form of the legal opinion letter will vary slightly from issuer to issuer, in the SSL opinion letter, the attorney is often asked to confirm information about the requester, including:
- Certificate approver: Name, title, agency and authorization
- Contract signer: Name, title, agency and authorization
- Place of business
- Phone number
- Operational experience
- Domain name exclusive right of use
- Domain name exclusive right of use knowledge
Knowledgeable Legal Counsel
If your company or business desires to have a EV SSL Opinion Letter prepared by an attorney experienced and familiar with the process, please contact the law firm of Stephens & Kray and tell us about your matter.
Figure 2: A Typical EV SSL Opinion Letter
Common Certificate Authorities requesting legal opinions in connection with the issuance of an EV SSL Certificate: