1. DOMAIN VALIDATED CERTIFICATES (DV)

• A - Email Challenge-Response DCV
• B - HTTP Based DCV
• C - DNS CNAME Based DCV
Following completion of one of the elements above the certificate will be signed and released

 

Note that ALL SSL Certificates MUST undergo the above DCV process in addition to any other requirements listed below for OV and EV certificates.


2. ORGANIZATION VALIDATED (OV) AND CODE SIGNING CERTIFICATES

Step1 – Verify Identity and Address - This can be acquired using the following online resources:

If Applicant is an Organization (corporation, government agency, registered business entity, etc.):
We MUST verify Identity through one of the following (these may also be used to verify address if it's included):

A. A government agency in the jurisdiction of the Applicant’s legal creation, existence, or recognition;
B. A third party database that is periodically updated and considered a Reliable Data Source (see QIIS below);
C. A site visit by the CA or a third party who is acting as an agent for the CA; or
D. An Attestation Letter.

We MAY use the following to verify ADDRESS provided that identity has been verified as required above:

A. Articles of Incorporation (with address) 
B. Government Issued Business License (with address)
C. Copy of a recent company bank statement (you may blacken out the Account Number)
D. Copy of a recent company phone bill
E. Copy of a recent major utility bill of the company (i.e. power bill, water bill, etc.) or current lease agreement for the company

If the Applicant is an Individual:
We MUST obtain ALL of the following:

A. Copy of a valid driver's license or passport of the Applicant
B. Copy of a recent major utility bill (i.e. power bill, water bill, etc.) or bank statement of the Applicant
Note: If the Driver’s License and Passport is not listing any address details or those details do not match with the account, then we need A. and 2 docs from B.

*Note:Recent=dated within the last 6 months

Step 2 – WhoIs Verification (Registrant company name and address)

Step 3 - DCV (Domain Control Validation)

Step 4 – Callback to a Verified Telephone Number (to verify applicant)

The phone number MUST be verified via one of the following:

A. Government database (QGIS)
B. Other third party database (QIIS)
C. Verified legal opinion or accountant letter.

Once the phone number is verified Comodo validation staff will call the Applicant to verify the authenticity of the certificate request. Following successful completion of the elements above the certificate will be signed and released.

* OV = Organization Validated SSL


3. EXTENDED VALIDATED CERTIFICATES (EV)

ALL requirements for EV Certificates MUST be verified directly with the government registration authority, or a Qualified Independent Information Source, or via a legal opinion or accountant letter as applicable. The basic verification requirements are:

A. Verify Legal Existence and Identity
This entails verifying the organization registration directly with the incorporating or registration agency.

B. Verify Trade/Assumed Name as applicable.
Only applicable if company does business under a name which is different from the official name of their corporation. Trade name must be registered and verifiable.

C. Verify Operational Existence
This means that we must verify that the company is able to conduct business operations. Typically this means that the company has a current active demand deposit account with a regulated financial institution.

D. Verify Physical address and organization phone number

E. Verify Domain ownership

F. Verify the name, title, authority and signature of the person(s) involved in requesting the certificate and agreeing to the terms and conditions.

 

Found this article interesting?
Subscribe to DomainRegister´s newsletter!

You can unsubscribe at any time by simply clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp s privacy practices here.

  • 0 Utenti hanno trovato utile questa risposta
Hai trovato utile questa risposta?

Articoli Correlati

 Comodo Code Signing Certificate - General FAQ

Who needs a Code Signing ID?Any publisher who plans to distribute code or content over the...

 Comodo Code Signing Certificate - Activation and Installation FAQ

Which browser and version do I need to use for generation and instalaltion of Comodo Code Signing...

 Professional Opinion Letter for Extended Validation

When applying for EV, it can greatly speed up the process to complete and submit a professional...

 Comodo Document Submission Contacts

If you're required to send documents to Comodo, in order to confirm a EV SSL Certificate or a...

 Sectigo EV Certificate Validation Checklist

When submitting an EV Certificate application, Sectigo will validate the following:...