ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Netcraft survey indicates slow adoption of Extended Validation SSL certificates

By | April 26, 2011, 4:05am PDT

Summary: According to the latest Netcraft SSL Survey, Extended Validation SSL certificates still only account for 2.3% of all valid third party certificates analyzed by the company.

According to the latest Netcraft SSL Survey, Extended Validation SSL certificates still only account for 2.3% of all valid third party certificates analyzed by the company. The steady, but slow adoption is attributed to both, pricing and site verification concerns. The survey finds that extended validation SSL certificates are most prevalent on high traffic or financial web sites, and are used to further establish a trusted relationship between the web site and the visitor.

Restricting the survey’s sample to the busiest 1,000 websites in the world, 81 sites accepted HTTPS connections and presented a valid SSL certificate. Nearly a third of these certificates used Extended Validation – a far higher proportion than the 2.3% share of all certificates.

Although the ubiquitous green indicator is in fact often cited as the first thing to look for in order to establish a (financial) site’s legitimacy, a site using EV SSLs cannot be fully trusted as a compromised portion of it — say through SQL injection — may lead to a successful phishing campaign relying on this very same trusted infrastructure.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Security, SSL, Survey, Netcraft, Netcraft Survey, Marketing Research, Marketing, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Disclosure

Dancho Danchev

More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile.

Biography

Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis. More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile. You can also follow him on Twitter

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
4
Comments
Add Your Opinion

Join the conversation!

Just In

Intro to NetCraft
AsifHussain1 31st Dec
For those who are unfamiliar with the NetCraft service, here is a brief introduction.

http://dougvitale.wordpress.com/2011/11/02/netcraft/
View in thread
0 Votes
+ -
The Role of SSL?
hollylarocco 27th Apr 2011
It?s no wonder that heavy traffic and financial sites are the biggest users of EV SSL. These are the sites that need to exude trust the most-- from both a competitive and best practices standpoint. But let?s not create any confusion on what EV SSL does and does not do. Regarding the last sentence, EV SSL and SQL injections are orthogonal technologies. Saying a site using EV SSL can?t be fully trusted because it might have a website vulnerability is like saying a car that uses airbags can?t be trusted because the car might have a faulty fuel tank. It is not the place of SSL to know whether or not a site is coded correctly to maintain a secure experience. It is the place of SSL to verify that a site is really who it says it is, and that empowers visitors to decide whether or not they trust this particular business to get its security right. The most common social engineering attack on the Web is the classic phish, and EV SSL remains a great stride forward in combating that phenomenon. Online businesses should definitely protect themselves from website vulnerabilities, and they should also help protect customers from phishing. (Full Disclosure: I work for Symantec.)
0 Votes
+ -
RE: Netcraft survey indicates slow adoption of Extended Validation SSL certificates
lovedong 13th Sep
I needed a psd like this! Thanks for making it! replica watches best
0 Votes
+ -
RE: Netcraft survey indicates slow adoption of Extended Validation SSL certificates
talih Updated - 12th Aug
Well done! Thank you very much for professional templates and community edition
sesli chat sesli sohbet
0 Votes
+ -
Intro to NetCraft
AsifHussain1 31st Dec
For those who are unfamiliar with the NetCraft service, here is a brief introduction.

http://dougvitale.wordpress.com/2011/11/02/netcraft/

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix