Domain Validated SSL Certificates are no-frills, encryption-only certificates. In order to get a Domain Validated SSL Certificate you just have to prove that you own the domain by responding to an email or phone call using the information in the WHOIS record of the domain. It’s easy. Your company doesn’t have to be validated and no organization name is entered in the certificate. This is good and bad news.
Advantages of Domain Validated SSL Certificates
- Speed. You can usually get a fully-functioning certificate within minutes. No need to send in company validation documents.
- Price. Because the process is automated and requires no validation from the certificate authority, these are the cheapest SSL certificates available.
Disadvantages of Domain Validated Certificates
- Low assurance. Because your company is not validated, these certificates don’t help your visitors know who is running your site. If you have an e-commerce site, your potential buyers may be scared off.
- Less secure. The certificates themselves still enable full, 128-bit encryption but there are other security problems. For one, any phisher can get one and can hide their identity completely. Second, they make man-in-the-middle attacks more dangerous. If an an attacker was able to do some DNS poisoning, he could get a Domain Validated SSL Certificate for your domain and redirect visitors to a fake site that allows him to collect visitor information.
So when should you use Domain Validated SSL Certificates? They work well in situations where you don’t need to assure your visitors or where there is little chance of a man-in-the-middle attack such as on an internal server , on a mail server or on your personal website.