by Rehmat
12 replies
  • SEO
  • |
Hello friends, I am going to ask something about SSL certificates. As for as my knowledge, SSL certificate issuers like Verisign, Thawte etc. certify a website and then issue them a certificate. My question is, do these services certify illegal websites also? I came across an email and SMS spoofing website which is certified by DigiCert. Is this normal? I am sorry if I have asked a stupid question. But I am waiting for your replies.
#certificates #ssl
  • Profile picture of the author Gary Becks
    Not understanding your question completely, but if you are asking if some bad sites slip through the cracks - the answer is yes.

    SSL certificates for the most part are just used to show that a site is safe in terms of your information, identity theft, spyware, etc..

    Not sure what SMS spoofing has to do with any of that or how it would stop the site from getting an SSL certificate .
    {{ DiscussionBoard.errors[7157346].message }}
  • Profile picture of the author FrankRumbauskas
    Only an Extended Validation or "Green Bar" SSL verifies the website, the owner, that it's legit, etc. A regular SSL is something anyone can buy and install on their site.
    Signature

    New York Times Best-Selling Author
    Certified Google Partner Company
    Fast Company's Top 30 Most Influential People Online

    {{ DiscussionBoard.errors[7157629].message }}
  • There was news item that hackers had successfully cracked SSL so indeed it can be done and has been done. First time is the hardest.
    {{ DiscussionBoard.errors[7157668].message }}
  • {{ DiscussionBoard.errors[7159596].message }}
  • Profile picture of the author namesbeyond
    Originally Posted by Rehmat View Post

    Hello friends, I am going to ask something about SSL certificates. As for as my knowledge, SSL certificate issuers like Verisign, Thawte etc. certify a website and then issue them a certificate. My question is, do these services certify illegal websites also? I came across an email and SMS spoofing website which is certified by DigiCert. Is this normal? I am sorry if I have asked a stupid question. But I am waiting for your replies.
    They verified only the domain name by email, they never bothered about the content.
    {{ DiscussionBoard.errors[7160382].message }}
  • Profile picture of the author dsilvaevan
    Just a quick Question here. does SSL certification helps to show any kind of authority in the eyes on google?
    Signature

    {{ DiscussionBoard.errors[7160397].message }}
    • Profile picture of the author Rehmat
      Originally Posted by dsilvaevan View Post

      Just a quick Question here. does SSL certification helps to show any kind of authority in the eyes on google?
      If your question is, either Google shows any sign of SSL encrypted website in its results, then the answer is yes. The SSL encrypted websites' URL contains the "https" protocol which leaves a feeling in the searcher's heart that the website is certified. But Google doesn't show any authority or ownership details related to SSL certification in its search results.
      {{ DiscussionBoard.errors[7162055].message }}
  • Profile picture of the author pjman
    Ssl has never been considered a huge ranking factor. But the existence of one for your domain proves that you care about your users privacy more than most. Many people speculate that this is taking into consideration by google.
    {{ DiscussionBoard.errors[7163082].message }}
    • Profile picture of the author dsilvaevan
      Originally Posted by pjman View Post

      Ssl has never been considered a huge ranking factor. But the existence of one for your domain proves that you care about your users privacy more than most. Many people speculate that this is taking into consideration by google.
      thanks for the reply will look into this and maybe experiment with1 or 2 of my sites
      Signature

      {{ DiscussionBoard.errors[7163357].message }}
      • Profile picture of the author OliviaSSLGuru
        Originally Posted by dsilvaevan View Post

        Just a quick Question here. does SSL certification helps to show any kind of authority in the eyes on google?
        Originally Posted by dsilvaevan View Post

        thanks for the reply will look into this and maybe experiment with1 or 2 of my sites
        let me bring update you that if gone through one of major SSL brand such as Symantec then their SSL certificate security includes feature of Norton Trust Seal which will display seal in seach in order to maximize click-through and conversion.

        Apart from this let me tell you that Seal in Search feature is only available with Symantec SSL certificate brand security. below here i m attaching the screen shot of search result of Google where seal is available.

        {{ DiscussionBoard.errors[7169312].message }}
  • Profile picture of the author so11
    Originally Posted by Rehmat View Post

    Hello friends, I am going to ask something about SSL certificates. As for as my knowledge, SSL certificate issuers like Verisign, Thawte etc. certify a website and then issue them a certificate. My question is, do these services certify illegal websites also? I came across an email and SMS spoofing website which is certified by DigiCert. Is this normal? I am sorry if I have asked a stupid question. But I am waiting for your replies.
    Hello Rehmat,

    First of all, there are different kind of certificates :

    a. Personal certificate - Identifies a person (To get this kind of certificate, a person must prove his/her identity).

    b. System/machine certificate - ex. Identifies a server (To get this kind of certificate, you must prove that domain/IP/owner are legit and all tide up together).

    Second of all, if you see a SSL certificate on a Website, that doesnt guaranty that the site is secure all the way. All it means, is that you are at the correct site (no spoofing was done).

    If the site has an authentication, a SSL certificate can be used to protect authentication process/information.

    Third, there are security seal services, that can check your site for malware, vulnerabilities and so on, and put a Security Seal on your site (norton, sitelock, etc.) if everything is OK. Now, this seal proofs to your visitors that the site is secure and not blacklisted. So, security seal service and SSL certificate are two completely differents things.

    Now and finaly to answer your question, If a person can prove that the website is his/her, he/she can get a certificate from known certificate providers.

    Also dont forget, that people can create/generate their own certificates and try to pass them as the ones coming from known providers. Thats why you should always check the info on the certificate.

    hope it helps,

    good luck
    Signature
    www.groupesoloviev.com
    We help businesses manage cyber risk and compliance requirements.
    {{ DiscussionBoard.errors[7171099].message }}

Trending Topics