Product Pages final thawte · communications in Brazilian Portuguese, Croatian, Danish, Dutch, English, Finnish, French, ... information from consumers has put a spotlight on the

thawte™ Partner Product Pages SSL Certificates

THAWTE PARTNER PRODUCT PAGES

3

Table of Contents

Choosing thawte™ or VeriSign® for SSL ................................................................................... 4

thawte...........................................................................................................................4

VeriSign........................................................................................................................4

Authentication Standards............................................................................................................. 6 Extended Validation Authentication..........................................................................6

Organization Authentication ......................................................................................7

Domain Authentication...............................................................................................8

thawte™ Product Sheets .............................................................................................................. 9 SSL Web Server Certificates with EV........................................................................9

SGC SuperCerts ........................................................................................................11

SSL Web Server Certificates....................................................................................13

SSL Web Server Wildcard Certificate......................................................................15

Code Signing Certificates ........................................................................................16

SSL123 Certificates...................................................................................................17

VeriSign® SSL Product Sheets................................................................................................... 19 VeriSign Secure Site Pro with EV............................................................................19

VeriSign Secure Site Pro..........................................................................................21

VeriSign Secure Site with EV...................................................................................23

VeriSign Secure Site .................................................................................................25


4

Choosing thawte™ or VeriSign® for SSL

All of our brands are backed by a dedication to excellence in customer support. Every SSL

Certificate from a VeriSign-owned company is signed with a reliable and ubiquitous root so

customers don’t have to worry that they will end up with Web site visitors not protected by their SSL

Certificate because there is a problem with the underlying SSL root.

thawte The thawte brand is characterized by some distinctive features and is a popular SSL brand. For

over 10 years, many customers have been very dedicated to thawte as their SSL provider.

thawte provides the most expansive browser support in the industry bar none and historically was

the first brand to support Apache servers. This brand also caters specifically to a multi-lingual

customer base. The thawte seal comes in 18 different languages. Document translation into

English is not required; resellers and customers are welcome to submit documents and

communications in Brazilian Portuguese, Croatian, Danish, Dutch, English, Finnish, French,

German, Icelandic, Italian, Korean, Japanese, Norwegian, Polish, Portuguese, Slovenian, Spanish,

and Swedish.

In addition to a broad range of standard SSL, thawte also offers certificates with the advanced

encryption technology of SGC and certificates with the new Extended Validation standard for high

level authentication and identification.

VeriSign VeriSign is by far the world’s most well-known SSL brand for securing e-commerce and

communications over intranets, extranets and the Web. Many organizations choose VeriSign for

the consumer confidence-building power of the brand’s reputation for online security.

VeriSign customers have reported an increase in completed transactions on their Web sites after

visibly deploying the VeriSign Secured™ Seal to inform potential customers that their transactions

are protected with VeriSign SSL. Customers, such as Opodo.com who claim they experienced a

10% increase in completed transactions after adding the VeriSign Secured Seal to their Web site,


5

have seen a valuable return on their investment in an SSL Certificate from VeriSign. The VeriSign

Secure Seal is available in 13 languages.

Over a 100 million Web users see the VeriSign Secured Seal every day. The world’s 40 largest

banks and 93% of Fortune 500 companies are protected by VeriSign SSL Certificates.

All VeriSign SSL Certificates come with the NetSure Protection Plan warranty protection.

All the latest SSL advances in encryption and authentication are available through VeriSign

products including a rare combination of both SGC encryption and Extended Validation

authentication and identification.


6

Authentication Standards Due to the prevalence of counterfeit Web sites on the Internet, one of the key purposes of an SSL

Certificate is to help assure consumers that they are actually doing business with the Web site they

believe they are accessing. An SSL Certificate provided by a trusted third-party authenticates the

identity of a Web site based on a validation process performed by the Certificate Authority (CA).

However, there are several different levels of validation that back SSL Certificates depending on

the certificate and the CA.

The level of identity authentication assured by a CA is a significant differentiator between SSL

Certificates. The explosive growth of phishing and other fraudulent Web sites designed to steal

information from consumers has put a spotlight on the authentication strength of various SSL

Certificates and the authentication processes employed by different CAs. There are three

commonly recognized categories of SSL authentication; Extended Validation (EV), organization

authentication, and domain authentication.

Extended Validation Authentication Extended Validation (EV) authentication is the highest level of authentication available with an SSL

Certificate. Any Web site with an established brand reputation should consider the benefits of an

SSL Certificate with EV authentication. New, high-security browsers, such as Microsoft® Internet

Explorer 7, identify these Web sites as authenticated by prominently displaying a green address bar

and security status bar with the name of the verified organization that owns the Web site. These

certificates are by far the most noticeable forms of identity authentication based on SSL technology

by consumers.

The CA/Browser Forum, a consortium of Certificate Authorities and Browser manufacturers,

developed this category of Web site authentication as an industry-wide standard. In order to be

authorized to issue EV SSL Certificates, a CA must pass regular third-party audits confirming that it

meets the requirements set out in this standard for validating the identity of certificate requesters.

More information on the CA/Browser Forum and the EV standard is available at www.cabforum.org.

Getting an EV authenticated certificate

thawte, and VeriSign require a signed acknowledgement of agreement from the corporate contact

listed on any order for an EV SSL Certificate. A company registration document may also be

required if the we are unable to confirm the organization’s details through a government database.

A legal opinion letter may also be requested to confirm the following details about the organization

applying for the Extended Validation SSL Certificate:

• Physical address of place of operation


7

• Telephone number

• Confirmation of exclusive right to use the domain

• Additional confirmation of the organization’s existence (if less than 3 years old), and

• Verification of the corporate contact’s employment.

These are the standard methods of identity verification used to validate organizations for EV SSL

Certificates, however, documentation requirements may vary depending on the information

available on various approved online databases.

Organization Authentication Organization authentication, also known as business identity authentication, is a high assurance

level of authentication.

SSL Certificates with this level of authentication require verification of an organization’s existence

through a government issued business credential. Usually thawte or VeriSign will get this

independent verification by searching one of many government or private databases to which they

have access. If we cannot find “proof of right” to do business in the stated name for a certificate

requester, we may request a copy of one of the following items:

• Articles of Incorporation

• Business License

• Certificate of Formation

• Doing Business As

• Registration of Trade Name

• Charter Documents

• Partnership Papers

• Fictitious Name Statement

• Vendor/Reseller/Merchant License

• Merchant certificate

• US Tax Licenses for non-profit organizations and sole proprietorships (in either case the

state tax documents must list the organization as non-profit or sole proprietor)

The Organization named in the certificate requester’s Distinguished Name (CSR) must reflect the

full legal name of their business. If the official name of the business as listed in one of the above

sources of business credentials does not match the Distinguished Name; we will not be able to

accept it. Suffixes such as “Inc, LLC, or LP” can be disregarded.


8

For example: "Dina's Cafe" may be used to authenticate "Dina's Cafe Inc." However, "Dina's Cafe"

may not be used to authenticate "Dina's Cafe and Gift Shop Inc."

In addition to the business credential verification, every certificate order goes through domain name

verification. The organization ordering the SSL Certificate must own their Web site domain name or

have proof that they have the legal right to use that domain name.

We also verify that the Organizational Contact applying for the certificate on behalf of the company

or organization is an employee of that organization.

Domain Authentication VeriSign does not offer domain authenticated SSL Certificates. However, thawte does offer these

lower assurance certificates, which are appropriate for organizations concerned primarily with

encryption.

Domain authenticated certificates are the lowest form of authentication available. An entity

requesting a domain authenticated certificate will go through a process to help verify that they either

own the domain requested or that they have the right to use that domain name. Additionally we will

verify that the email address for the contact requesting the certificate is either listed in the WHOIS

directory or meets the CA's predetermined email alias requirements.


9

thawte™ Product Sheets

SSL Web Server Certificates with EV Extended Validation is the newest standard in identity authentication. Because of the rigorous

validation process associated with EV, consumers visiting a Web site secured with an EV

Certificate will be confident that this Web site is who they say they are. High security browsers like

IE7 and future releases of Firefox and Opera show EVs unique interface conventions in the

browser’s chrome such as the green address bar, the name of the organization that owns the

certificate and the issuing CA.

thawte SSL Web Server with EV provides this premium authentication and 40- to 256-bit

encryption at a compelling price. thawte SSL Certificates come with the thawte Trusted Site seal

that includes a date-stamp verifying the current validity of the SSL Certificate.

Each thawte Trusted Site Seal contains EV Upgrader, a utility that automatically triggers root

updates in end user systems with Windows XP and Microsoft Internet Explorer 7. This update

makes sure that all of these end user systems will display the Extended Validation (EV) SSL user

interface features when that system views a Web site secured with an EV SSL Certificate from

thawte.


10

Certificate Features and Benefits

Authentication: Extended Validation

Encryption: Minimum 40-bit up to 256-bit encryption

Site seal: Trusted Site seal, available in 18 languages.

Multi-year options: 1 – 2 years

Extended Warranty: None

Root: thawte root CA

Reissues: Unlimited for the lifespan of the certificate

Support: Web-based Knowledgebase, Online Chat, E-mail, Phone

24x5 multi-lingual for all global time zones

Does your customer need SSL Web Server Certificates with EV?

This certificate suits organizations that wish to increase customer confidence and reduce

transaction abandonment. Your customer may wish to consider this product if any of the following

situations applies:

• The identity of their organization and their brand is a core asset that needs to be protected

from phishers.

• They want to assure Web site visitors of the safety of their site in order to increase

consumer confidence and reduce their transaction abandonment rate.

• Their Web site visitors need to exchange personal and financial information with them via

their Web site and they need to make sure that this information is secure

• They want the highest available authentication at a reasonable price.

Have they considered?

If your customer wants both the highest available SSL authentication (EV) combined with the

strongest encryption available to each site visitor, consider VeriSign Secure Site Pro with EV. This

certificate offers EV authentication identification and Server Gated Cryptography (SGC) to provide

automatic 128-bit step-up encryption for all site visitors regardless of their browser or operating

system limitations.


11

SGC SuperCerts The SGC SuperCert combines full, organization-authentication with strongest available encryption

to each visitor. It automatically steps up protection to the industry recommended minimum of 128-

bit encryption even if Web site visitors use certain older browsers or older operating systems which

may default to weak, lower encryption levels such as 40-bit or 56-bit. thawte SGC SuperCert

certificates are also capable of connecting users at up to 256-bit encryption depending on the

capability of the user’s system and the server. thawte SSL Certificates come with the thawte

Trusted Site seal that includes a date-stamp verifying the current validity of the SSL Certificate.

Certificate Features and Benefits:

Authentication: Full organization authentication

Encryption: SGC enabled. Minimum 128-bit to 256-bit encryption




Root: VeriSign root with thawte intermediate certificate




Does your customer need SGC SuperCerts?

SGC SuperCerts are best suited for sites where a high priority is placed on protecting information

transfer between site users and the Web site organization such as financial, personal and e-

commerce data. Consider this product if any of the following situations apply to your customer.

• They need to ensure that they are providing the strongest encryption available to each and

every visitor to their Web site.

• They serve a diverse group of customers whose technology infrastructure may vary from

public access computers, home computers to business environments.


12

• Their customers conduct medium to high value e-commerce transactions with them via the

Web.

• Their business encompasses both domestic and international customers.


If they want to achieve both the strongest encryption available to each site visitor along with the

highest available SSL authentication with Extended Validation (EV), your customer should consider

VeriSign Secure Site Pro with EV. EV allows site visitors using high-security browsers like IE7 to

see the highly-visible green address bar security indicator.


13

SSL Web Server Certificates The thawte SSL Web Server Certificate is a full, organization-authenticated certificate that offers

256-, 128-, 56- or 40-bit encryption depending on the client's operating system, browser capability

and the cipher suite installed on the Web server. thawte SSL Web Server is a fully functional

certificate offered at a compelling price. thawte SSL Certificates come with the thawte Trusted Site

seal that includes a date-stamp verifying the current validity of the SSL Certificate.






Extended Warranty: none





Does your customer need an SSL Web Server Certificate?

This certificate is right for your customer if they need to secure browser-to-server or server-to-

server communication for their Web sites. This may be the solution for them if any of the following

statements apply.

• Their Web site visitors need to exchange personal information with them via their Web site

• They need to assure their customers of their online business identity.


If you would like to ensure that all your site visitors receive the highest level of encryption available

to them, consider thawte SGC SuperCert which provides automatic 128-bit step-up encryption for

all site visitors regardless of their browser or operating system limitations.


14

If they would like to have the highest level of authentication available in Extended Validation SSL,

they should consider thawte SSL Web Server with EV. This certificate employs new highly visible

interface changes such as the green address bar in high-security browsers.


15

SSL Web Server Wildcard Certificate The SSL Web Server Wildcard certificate allows your customer to secure multiple hosts on one

domain on the same server using the *.domain.com pattern for the common name. The thawte SSL Web Server Wildcard Certificate is a full, organization-authenticated certificate with 256-, 128-,

56- or 40-bit encryption depending on the Web site visitor client's operating system and browser

capability and the cipher suite installed on your customer’s Web server. This product provides full

featured security at a very compelling price. thawte SSL Certificates come with the thawte Trusted

Site seal that includes a date-stamp verifying the current validity of the SSL Certificate.











Number of domains secured: Unlimited sub-domains on a single server

Does your customer need SSL Web Server Wildcard Certificates?

SSL Web Server Wildcard is a good choice if the following applies to your customer:

• Their Web site visitors need to exchange personal information with them via their Web site

and they need to assure them that their information is secure.

• They need to assure their customers of their business identity.

• They need to secure multiple hosts or sub-domains on the same server.


16

Code Signing Certificates A thawte Code Signing Certificate is strongly recommended for any publisher who plans to

distribute code or content over the Internet or corporate extranets and wants to assure the integrity

and authorship of that code.

A thawte Code Signing Certificate minimizes the risks that go with software and application

downloads by providing a digital signature that:

• Confirms that the software originated from the Publisher who signed it.

• Confirms that the software has not been altered or corrupted, and is therefore safe to install

and run.

Therefore, thawte Code Signing Certificates ensures that your customer’s active content or code

cannot be maliciously modified, allowing them to leverage the Internet as a secure and viable

platform for content distribution.

Certificate Features & Benefits

• Single certificate for most platforms and applications

• Allows your customers to sign active content such as ActiveX, Macros, MIDlet (J2ME) and

Java Applets for secure electronic distribution over the Internet.

• Authenticated off of thawte's world-class certification procedures

Types of Code Signing Certificates Offered

Microsoft Authenticode Certificate: Signing activeX controls, executables, cabinet files and

other executable code for the authenticode framework. Also trusted for signing InstallShield and

Wise installers

JavaSoft Code Signing Certificate: Signing Java applets (JAR) for the Java 2 plugin, Java

WebStart and JCE framework. Signing MIDlet (MIDP 2.0) for mobile phones running Symbian

operating systems, particularly Nokia

Netscape Object Signing Certificate: Signing Netscape objects (java apps)

VBA Code Signing Certificate: Signing VBA Macro projects

Apple Code Signing Certificate: Signing Apple code


17

SSL123 Certificates SSL123 is thawte’s entry level certificate which provides validation that a domain is registered and

that the customer has authorized the purchase of the certificate. Through standard SSL encryption,

the certificate assures that information is kept private between your customers’ Web servers and

their customers' Web browsers. thawte SSL123 Certificates come with the thawte Trusted Site

seal that includes a date-stamp verifying the current validity of the SSL Certificate.


Authentication: Domain authentication




Extended Warranty: none





Does your customer need a SSL123 Certificate?

If your customers need to encrypt transactions on a basic e-commerce Web site or intranet,

including private IP addresses and host names, they may wish to consider SSL123 Certificates.

Consider SSL 123 Certificates if the following apply:

• High levels of authentication are not a priority. Instead encrypting basic transactions is their

focus.

• They need to protect information exchange between them and their customers.

• They need their certificate issued in minutes and do not wish to submit the paperwork

associated with fully-authenticated certificates.


18

• Their brand is not established yet, so they are not concerned with identity protection or

guarding against phishing attacks.


If your customer wants verification of their organization’s identity within their SSL certificate to

assure their site visitors that they are who they say they are, consider offering a fully-authenticated

certificate like thawte SSL Web Server Certificate.


19

VeriSign® SSL Product Sheets

VeriSign Secure Site Pro with EV VeriSign Secure Site Pro with EV is the only certificate to incorporate both the highest level of

authentication and the strongest encryption available to each site visitor. Extended Validation SSL,

a new standard in Web site authentication gives Web site visitors an easy and reliable way to

extend their trust online. In Microsoft® Internet Explorer 7 (and upcoming releases of Firefox and

Opera), the address bar turns green and displays the name of the Extended Validation certificate

owner and the CA that issued the certificate. The security status bar shows that the transaction is

encrypted and the organization has been authenticated according to the most rigorous industry

standard.

Secure Site Pro with EV also incorporates maximum encryption to each site visitor with Server

Gated Cryptography (SGC). Some Internet users still use browsers and operating systems which

may default to weak, lower encryption levels. SGC will ensure that 99.9% of all Internet users

receive at least 128-bit encryption and, for those able to, will connect at 256-bit encryption.

The VeriSign Secured™ Seal is the most recognized trust mark on the Internet and VeriSign is the

provider of choice for over 93% of the Fortune 500 and the world’s 40 largest banks. Over 100

million people see the VeriSign Secured Seal every day. This brand recognition helps assure site

visitors that your site is serious about security.

Each VeriSign Secured Seal contains EV Upgrader, a utility that automatically triggers root updates

in end user systems with Windows XP and Microsoft Internet Explorer 7. This update makes sure

that all of these end user systems will display the Extended Validation (EV) SSL user interface

features when that system views a Web site secured with an EV SSL Certificate from VeriSign.


Authentication: Extended validation


20


Site seal: VeriSign Secured Seal; multi-lingual with EV Upgrader


NetSure Extended Warranty: $250,000

Root: VeriSign root CA

Reissues: Revocation and replacement free for 30 days

Support: Web-based knowledgebase, Online Chat, E-mail, Phone

Available 24x5

Does your customer need VeriSign Secure Site Pro with EV?

If your customer’s organization is in a competitive industry and their business growth rests heavily

on the volume of transaction completions on their Web site, they should consider VeriSign Secure

Site Pro with EV. This product would be ideal if any of the following situations apply.

• They operate in a competitive environment where customer loyalty and brand protection is

key.

• Phishing attacks on their site would have a long term effect on their business.

• The success of their business is dependent on a high level of customer transactions on

their site

• The protection of their consumer’s personal or financial information is critical for them and

they need to be able to provide the highest level of encryption for every transaction.

• Their Web site visitors may connect to their site using a range of older and newer browser

versions and operating systems.

• They want to demonstrate to their customers that they take Internet security seriously.

• They want the most powerful SSL solution available today incorporating the best in

authentication, encryption and brand recognition.


21

VeriSign Secure Site Pro Many Internet users worldwide still use browsers and operating systems that will not connect at the

strongest encryption level available to them unless there is a Server Gated Cryptography (SGC)

enabled certificate on the server. VeriSign is the leading SSL provider of SGC-enabled SSL

Certificates, enabling 128- or 256-bit encryption for over 99.9% of Internet users. Secure Site Pro is

a full, organization-authenticated certificate that includes SGC encryption technology.

VeriSign is the SSL Certificate provider of choice for over 93% of the Fortune 500 and the world’s

40 largest banks. Over 100 million people see the VeriSign Secured™ Seal every day. They trust

VeriSign because of the company’s encryption technology and rigorous business authentication

practices. When your customers protect their sites with Secure Site Pro and display the VeriSign

Secured Seal, their customers know that their transactions are secure.




Site seal: VeriSign Secured Seal; multi-lingual






Available 24x5

Does your customer need VeriSign Secure Site Pro?

Your customer should consider VeriSign Secure Site Pro if it is imperative to them to protect

information transferred between site users and their organization online, such as financial, personal

and e-commerce data. They should select this solution if they want to also communicate to their

customers that their information is secure while transacting with their organization. If any of the


22

following statements are true about your customer, they should consider a VeriSign Secure Site Pro

Certificate.

• Their customers conduct medium to high value e-commerce transactions via a Web

interface.

• They need to ensure that they are providing the best possible encryption for each and

every visitor to their Web site.

• They serve a diverse group of customers whose technology infrastructure may vary from

public access computers, home computers to business environments.

• They have an international audience/customer-base.

• They want to be able to reassure their customers that they have a sound Internet security

infrastructure by displaying a recognized trust mark like the VeriSign Secured Seal.


If your customers also want the strongest solution to combat phishing attacks and assure their

customers of the validity of their site, they may consider Extended Validation (EV) SSL. Highly

authenticated Extended Validation certificates allow site visitors using IE7 to see the green address

bar and other prominent interface indicators in the browser. VeriSign Secure Site Pro with EV is

the only certificate to combine EV and SGC encryption in a premium SSL product.


23

VeriSign Secure Site with EV VeriSign Secure Site with EV incorporates the highest level of authentication available today and

standard 40-, 56-, 128-, or 256-bit encryption. Extended Validation SSL, a new standard in Web site

authentication gives Web site visitors an easy and reliable way to extend their trust online. In high

security browsers like Microsoft® Internet Explorer 7, the address bar turns green and displays the

name of the Extended Validation certificate owner and the CA that issued the certificate. The

security status bar shows that the transaction is encrypted and the organization has been

authenticated according to the most rigorous industry standard.

The VeriSign Secured™ Seal is the most recognized trust mark on the Internet and VeriSign is the

provider of choice for over 93% of the Fortune 500 and the world’s 40 largest banks. Over 100

million people see the VeriSign Secured Seal every day. This brand recognition helps assure site

visitors that your site is serious about security.

Each VeriSign Secured Seal contains EV Upgrader, a utility that automatically triggers root updates

in end user systems with Windows XP and Microsoft Internet Explorer 7. This update makes sure

that all of these end user systems will display the Extended Validation (EV) SSL user interface

features when that system views a Web site secured with an EV SSL Certificate from VeriSign.


Authentication: Extended validation

Encryption: From a minimum of 40-bit to a maximum of 256-bit encryption

Site seal: VeriSign Secured Seal; multi-lingual with EV Upgrader






Available 24x5


24

Does your customer need VeriSign Secure Site with EV?

If your customer’s organization is in a competitive industry and their business growth rests heavily

on the volume of transaction completions on their Web site, they should consider VeriSign Secure

Site with EV. This product would be ideal if any of the following situations apply.


key.

• Phishing attacks on their site would have a long term effect on their business.

• The success of their business is dependent on a high level of customer transactions on

their site


• They want an SSL solution incorporating the best in authentication and brand recognition.


If your customers also want to ensure that all site visitors are handled with the strongest encryption

available to each site visitor, they should consider Secure Site Pro with EV.

This certificate offers EV authentication identification and Server Gated Cryptography (SGC) to

provide automatic 128-bit step-up encryption for all site visitors regardless of their browser or

operating system limitations. VeriSign Secure Site Pro with EV is the only certificate to combine EV

and SGC encryption in a premium SSL product.


25

VeriSign Secure Site VeriSign Secure Site SSL Certificates are fully organization-authenticated, provide a minimum of

40-bit and up to 256-bit SSL encryption, and include the VeriSign Secured Seal™.

VeriSign is the SSL Certificate provider of choice for over 93% of the Fortune 500 and the world's

40 largest banks. They trust VeriSign because of its encryption technology and rigorous business

authentication practices, and they choose VeriSign because no other trust mark carries the global

recognition and impact of the VeriSign Secured Seal. Over 100 million people every day see the

VeriSign Secured Seal.




Site seal: VeriSign Secured Seal; multi-lingual






Available 24x5

Does your customer need VeriSign Secure Site Certificates?

Organizations that operate in a highly competitive industry where brand association and consumer

trust are important differentiators should consider VeriSign Secure Site. If any of the following

statements are true about your customer, they should consider a VeriSign Secure Site Certificate.


key.

• They wish to increase customer transaction volumes and reduce site abandonment.


26

• The protection of their customers’ personal or financial information is important, but doesn’t

require maximum encryption in every instance.



If they need to ensure that every customer’s transactions are handled with the strongest encryption

available to each site visitor, they should consider VeriSign Secure Site Pro.

If phishing is a concern for them, or if they simply want to differentiate their organization by

demonstrating a higher level of online security, they should consider upgrading to VeriSign Secure

Site Pro with EV.