My company is deciding which type of certificate to choose: the EV certificate
or the regular one.
I would like to know the difference between them. I know that the EV ones put some kind of reputation to the application you sign, but I'm not sure about the difference.
Two questions:
- Do regular certificates avoid the Web download check of malicious software from IE9
SmartScreen
? - What is the real intention of a regular certificate?
I googled a lot, and I found a lot of links, but all of them seem to say the same but none answer my question...
no. All web downloads are validated by SmartScreen feature.
the same as of EV certificate -- to provide security features: peer and traffic authentication, data integrity and privacy (via encryption). Technically both certificate types (regular and EV) are the same. Difference is in the customer (payee) validation procedure and visual certificate recognition (via green address bar in web browsers, for example). You have to pass additional validation checks in order to meet EV requirements.
Though, it is recommended to use EV certificates for E-commerce web sites, because site trustworthy is important for your potential customers.