A few years ago I switched from using Thawte SSL's (a verisign company) to Verisign because of the better name recognition Verisign provides. To that end I've been happy with it and believe it gave our e-commerce visitors a better sense of security when using our sites.
Now with the EV SSL (extended validation SSL) that will show a green bar or text, depending on browser. I wonder if continuing with Verisign just for their brand recognition is the right choice vs upgrading to a EV SSL from DigiCert or GoDaddy. DigiCert and GoDaddy have good reviews from customers and both have a good root certificate that is compatible with every modern browser.
EV SSL Prices (as of June 2009)
- Verisign charges $995 yr
- DigiCert is only $488 yr
A few months ago I did some research on Digicert and GoDaddy both seem to have a good reputation and reviews. Their root certificates should be as good verisign's and DigiCert even allows you to use your domain plus the www prefix in one certificate. To get that with Verisign you must purchase two certificates.
Is having an EV SSL from DigiCert or even GoDaddy better than having a standard SSL with the verisign brand?
Best Answer
Your users certainly won't know (or care) the difference between an EV cert from one provider and an EV cert from another as long as their browser has the relevant root certificates such that it will accept the certificate without prompting the user that there may be a problem.
An EV cert from anyone (that the user's browser accepts certs signed by) is better than a "standard" certificate from anyone no matter how good a name. The user will see the big-green-blob-and-text or big-blue-blob (or how-ever their browsers differentiate the type of certificate) - the vast majority will never inspect the details of the certificate including who signed it.
Whether the difference between an EV cert and a non-EV cert is meaningful or your userbase is something only you can decide/answer. While education on the subject is spreading most man-in-the-street users will not know (or care) what a certificate is never mind knowing the difference between an EV cert and a non-ev one, but if your target audience is more clued up on average an EV cert might make them feel more secure using your services. Having said that some people are learning that "big green block on title bar in Firefox is more secure than the smaller blue blob which is in turn better than no colour" so maybe EV certs will become more desirable in general soon.