Validation Issues

The Importance of Validations (& the delays it can cause)

PDF In a correctly run and operated CA, a team of trained RA Administrators manually check and verify every request for an SSL Certificate following an internationally recognised practice known as validations.

For expedience and to save on cost, some CAs automate the Validation process so that the CA can deliver its Certificates cheaply and without the need for manual Validations. The Certificates are delivered quickly, but an automated Validations process is flawed and can undermine the integrity and values of the Certificates it issues.

Regardless of how you request a Certificate, the RA should validate the request and then issue the Certificate. Automated Certificate issuance from a CA is only one part of the overall Certificate life cycle and what it saves in expedience, it looses in security. Digi-Sign would only recommend using automated Certificates for very specific, closed environments where Certificate integrity is easily controlled. A customised version of Digi-CA™ would be a good example of a closed and customised environment where automation can be implemented without affecting the security or integrity of the validations process.

SSL Requests & Delivery Delays

    The important and separated function of the Validation process is never expedited and can take the RA time to complete. There are considerable variations in time between the validation for one Certificate and another. So the specific time that the RA will take to validate a request may cause some delay.

The Business Case

    Any network where information is stored electronically needs to be secured and a single unsecured transaction could result in significant losses to your organisation.

    Two-factor authentication, Machine Readable Travel Documents [MRTD ] systems, national ID card systems, web access control, e Passports, device-to-device authentication and two factor authentication, can all require use Certificates. Integral to all of these environments is the requirement for digital authentication, digital identification, digital encryption, digital stamping and/or digital signing and being able to support these transactions with a legally binding infrastructure.