There are 3 categories of certificates.

1. DV : Domain-Validated
2. OV : Organization-Validated
3. EV : Extended-Validation

Different categories provide different degrees of trust.

More Validation = More Money need to be paid for purchaser of the cert.

DOMAIN-VALIDATED

• Most common form of SSL certificate
• Only verifies that the requestor has valid control over the domain name listed in the certificate.
• Methods used for validation are as follows:
  • Put a CA-provided challenge at a specific place on the website.
  • Put a CA-provided challenge in a DNS record corresponding to the target domain.
  • Receive a CA-provided challenge at a administrator controlled email address corresponding to the domain and the respond to it on the CA’s web page.
  • CA requests installation of software on your web host ( i.e. ACME protocol ) . ACME means “ Automatic Certificate Management Environment “

ORGANIZATION-VALIDATED

• This is more secure than the prior one, also known as “ High Assurance “ certificates.
• CA will verify that the actual business that is attempting to get the certificate ( like identity and street address ).
• Below are the variety of methods used for validation :
  • Link to a government agency in the jurisdiction of the applicant’s legal creation , existence or recognition.
  • Link verifying your information in a third party database that is periodically updated and considered a reliable data source.
  • Copies of government issued business license.

EXTENDED-VALIDATION

• This type of certificate provide the maximum amount of trust to visitors , and also requires the most effort by the CA to validate.