Internet Explorer To Flag Verified 'Safe' Sites -- Redmond Channel Partner

Internet Explorer To Flag Verified 'Safe' Sites

By The Associated Press
December 28, 2006

Beginning next month, version 7 of Microsoft Corp.'s Internet Explorer browser will start flagging certain e-commerce and banking sites as green for "safe." The browser will look for an extended-validation certificate issued by any number of vendors.

To qualify, vendors such as VeriSign Inc. and Comodo will be required to make extensive checks before approving such certificates. They also will have to undergo independent auditing through WebTrust, a service run by trade groups for certified public accountants.

Under the latest, 65-page draft guidelines, verification requirements include:

Legal existence and identity. The certificate vendor must make sure that the business is legally recognized and that the formal name matches government records, through databases and other means. The vendor also must verify any alternative operating names that differ from the legal name.
Physical existence. The vendor must check government records to make sure addresses in those records and in the certificate application match. When there is no match, a site visit is required, documenting such things as whether a permanent sign is present and whether the office is more than a mailbox. Photos are required showing the site's exterior and the interior reception area or workspace.
Telephone number. The vendor must verify that the phone number provided is the primary one for the business, using such techniques as calling it directly and checking phone directory listings. In some cases, the vendor must make sure the main phone number is not a mobile phone.
Domain name. To ensure the business owns and controls the domain name, the vendor must use techniques such as checking registration records, known as the Whois database, and asking the company to make an agreed-upon change to the Web site under that domain name.
Individual's authorization. The vendor must verify that the individual requesting the certificate works for the company -- for instance, by contacting its human resources department. The vendor must also verify the individual's authority to make the request, generally by obtaining written documentation.

For some verifications, exemptions are permitted with a letter from a lawyer, notary or accountant. The guidelines include procedures for verifying authenticity.

Businesses in existence for less than three years may be required to also produce evidence they have a valid bank account. Additional checks are required for banks and other companies deemed to be high-risk targets for scams.

Because many of the steps rely upon government filings, general partnerships, unincorporated associations, sole proprietorships and individuals are currently barred from getting these certificates.

For that reason, a consortium of certificate vendors and browser makers rejected the draft in November, although Microsoft and some vendors believe the standards are good enough to proceed anyhow.

Free Webcast! Learn about Password Management Best Practices

Featured

Veeam Releases Data Cloud for MSPs, Targets SaaS Protection at Scale

Veeam is expanding its footprint in the managed services arena with the global launch of Veeam Data Cloud for Managed Service Providers (MSPs).
The Era of Windows 10 (and Some Office and Skype Editions) Officially Comes to an End

Microsoft has formally withdrawn support for Windows 10 as of Oct. 14, 2025, bringing the curtain down on one of its most widely adopted operating systems.
Microsoft Builds AI Agent To Help Its Own Employees Navigate Licensing

Microsoft has rolled out an internal AI agent dubbed "Licensing Navigator" to help its own users answer complex licensing questions, promising to improve response times by nearly 90 percent.
Microsoft Adds Direct Copilot Integration to Microsoft 365

Microsoft is integrating its Copilot AI into the core Office apps -- Word, Excel, PowerPoint, Outlook and OneNote -- rather than offering it as a separate add-on.

RCP Update

Email Address*Country*

Please type the letters/numbers you see above.

Internet Explorer To Flag Verified 'Safe' Sites

Featured

Veeam Releases Data Cloud for MSPs, Targets SaaS Protection at Scale

The Era of Windows 10 (and Some Office and Skype Editions) Officially Comes to an End

Microsoft Builds AI Agent To Help Its Own Employees Navigate Licensing

Microsoft Adds Direct Copilot Integration to Microsoft 365

MIT Finds Only 1 in 20 AI Investments Translate into ROI

Microsoft Appoints Althoff as New CEO for Commercial Business

Dynamics 365, Power Platform and Copilot Getting AI Boosts in Wave 2 Update

Roadblocks in Enterprise AI: Data and Skills Shortfalls Could Cost Millions

Microsoft To Standardize Online Services Pricing for Volume Licensing

MIT Finds Only 1 in 20 AI Investments Translate into ROI

Microsoft Appoints Althoff as New CEO for Commercial Business

Dynamics 365, Power Platform and Copilot Getting AI Boosts in Wave 2 Update

Roadblocks in Enterprise AI: Data and Skills Shortfalls Could Cost Millions

Microsoft To Standardize Online Services Pricing for Volume Licensing

Partner Guides

Partner's Guide to the Windows Server 2008 Deadline

Partner's Guide to Office 365 Security Costs

Partner's Guide to UCaaS

Partner's Guide to Starter Workloads in Azure

Partner's Guide to Microsoft's Fiscal Year 2019

FREE WEBCASTS FROM OUR SPONSORS

Coffee Talk | MSP Security Playbook: Threat Detection, Response and Beyond

Coffee Talk | Next-Gen Threat Management: A Unified Approach for MSPs

Veeam Simplified: The Easy Button for MSPs Protecting Microsoft 365

Tech Talk | Stop Buying What You Already Own: The MSP's Guide to Microsoft 365 Optimization

FREE WHITE PAPERS FROM OUR SPONSORS

H1 2025 Threat Landscape Report

The Real Gap in Traditional EDR Security

3 Signs It's Time to Consolidate Your Stack

8 Step MSP Checklist for Getting Started with Security Compliance