搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Clarify Extended Validation

  • 2 个回答
  • 1 人有此问题
  • 5 次查看
  • 最后回复者为 cor-el

more options

I am trying to establish that a Web site uses Extended Validation as described in [https://support.mozilla.org/en-US/kb/.../how-do-i-tell-if-my-connection-is-secure]. It says:

"For sites using EV certificates, the legal company or organization name and location of the website owner displays when you click the gray padlock."

Here is a site that I am highly confident uses extended validation. You can read this for more details on why this matters a great deal read this for more details on why this matters a great deal. When I click on the gray padlock, I get a simple pop-up that doesn't display the legal company/org name or location of the web site! But it does show a gray padlock, green text "Connection Secure", and a clickable right-arrow. I then click on "more information", then "View Certificate" to finally get org details...but I still have no idea if this is an EV certificate! The only clue may be the detail "Extended Key Usages" "Purposes: Server Authentication, Client Authentication". I want to conclude that this means this is an EV certificate, but I am unable to find any documentation from Firefox/Mozilla that proves that this is an EV certificate. I suppose I could phone the organization and manually verify their details vs. what it says on the certificate, but this is a lot of work! Worse, for large organizations that go by different names and addresses, it could be a legit connection to the org's Web server, but what they tell me on the phone still might not match what the certificate says.

Can anybody shed light on this? How can I easily verify that this is an EV certificate?

I am currently running Firefox 76.0.1 (64-bit) on Win 7.

Previously, Firefox made this easy by displaying a green padlock symbol. Some Firefox forks still do, such as the *current* version of Tor Browser which is 9.0.10 (based on Mozilla Firefox 68.8.0esr) (32-bit).

Why did Firefox stop displaying the green padlock?

I am trying to establish that a Web site uses Extended Validation as described in [[https://support.mozilla.org/en-US/kb/how-do-i-tell-if-my-connection-is-secure|https://support.mozilla.org/en-US/kb/how-do-i-tell-if-my-connection-is-secure]]. It says: "For sites using EV certificates, the legal company or organization name and location of the website owner displays when you click the gray padlock." [https://www.grc.com/fingerprints.htm Here] is a site that I am highly confident uses extended validation. You can [https://www.grc.com/ssl/ev.htm read this for more details on why this matters a great deal] read this for more details on why this matters a great deal. When I click on the gray padlock, I get a simple pop-up that doesn't display the legal company/org name or location of the web site! But it does show a gray padlock, green text "Connection Secure", and a clickable right-arrow. I then click on "more information", then "View Certificate" to finally get org details...but I still have no idea if this is an EV certificate! The only clue may be the detail "Extended Key Usages" "Purposes: Server Authentication, Client Authentication". I want to conclude that this means this is an EV certificate, but I am unable to find any documentation from Firefox/Mozilla that proves that this is an EV certificate. I suppose I could phone the organization and manually verify their details vs. what it says on the certificate, but this is a lot of work! Worse, for large organizations that go by different names and addresses, it could be a legit connection to the org's Web server, but what they tell me on the phone still might not match what the certificate says. '''Can anybody shed light on this? How can I easily verify that this is an EV certificate?''' I am currently running Firefox 76.0.1 (64-bit) on Win 7. Previously, Firefox made this easy by displaying a green padlock symbol. Some Firefox forks still do, such as the *current* version of Tor Browser which is 9.0.10 (based on Mozilla Firefox 68.8.0esr) (32-bit). '''Why did Firefox stop displaying the green padlock?'''
已附加屏幕截图

所有回复 (2)

more options

This is from Firefox 76, but it may also be true for Firefox 68: EVSSL certificates have a verified owner so Firefox shows the owner name on the drop-down. Paypal is my usual example. Domain-validated certificates do not show an owner name in that position.

more options

See also "Page Info -> Security".

  • click the padlock icon at the left end of the location/address bar
  • click the arrow to expand the security message
  • click "More Information" to open "Tools -> Page Info"