Internet's 1 Million Most-Visited Domains Rely on GeoTrust SSL More Than Any Other Certificate Authority

MOUNTAIN VIEW, CA, Jul 06, 2010 (MARKETWIRE via COMTEX) -- GeoTrust, Inc., a leading certificate authority, today announced that its Secure Sockets Layer (SSL) Certificates secure more of the most-visited web sites on the Internet than any other certificate authority. The results, which were determined using Netcraft data against the Alexa Top 1 Million Domains list, highlight the popularity of GeoTrust over low-cost competitors on popular web sites.

To obtain an accurate picture of SSL Certificates usage on the most heavily-visited web sites, VeriSign, parent company of GeoTrust, commissioned Catapult Data Services to cross reference the Alexa Top 1 Million against Netcraft's June 2010 SSL Survey.
The Netcraft SSL survey is a tally of all publicly-facing SSL certificates on the Internet, including "parked" certificates on unused or infrequently-visited web sites. The Alexa Top 1 Million is a well-known site traffic measurement service that lists the million most visited sites, ranked by order of popularity.

The cross-reference revealed 33,871 unique domains protected by GeoTrust(R) SSL certificates out of approximately 136,000 of the Alexa Top 1 Million on which Netcraft found certificates. In contrast, Go Daddy, which has long claimed leadership in the low-cost SSL category, protected only 23,667 unique domains among these sites.

Although VeriSign is widely recognized as the leader in the premium SSL certificate and online trust category, its GeoTrust product competes with brands such as Go Daddy for leadership in the low-cost category, where customers are simply looking to enable encryption.

"Since this study provides an accurate depiction of SSL doing what it's intended to do -- authenticate sites and protect transactions -- the index we've commissioned reflects overwhelming preference for GeoTrust by the operators of the most visited domains on the Internet," said Jeff Barto, senior product marketing manager for GeoTrust. "Based on this data, GeoTrust clearly leads the low-cost SSL category."

With SSL certificates issued in more than 150 countries around the world, GeoTrust offers world-class SSL certificates with fast delivery at a cost-effective price. Enabling up to 256-bit SSL encryption, they include a range of GeoTrust(R) True Site seals based on the desired level of identity verification.

What Customers Are Saying

"Being an internationally based company, root ubiquity was of cardinal importance to our decision making process," said Ming Keong Kuan, director of, a Singapore-based fashion accessories provider for consumer electronics. "We needed to make sure that the SSL certificates would work where we are based, which is why we selected GeoTrust as our certificate authority of choice."

"The GeoTrust True Site Seal allows us to instantly communicate to existing and prospective customers that their transaction is in safe hands. Best of all, this protection comes at a price our budget can accommodate," said Scott Miller, chief executive officer of A1 Pool Parts, a Southern California-based provider of quality pool products and services.

"Reputation is key; if we want businesses to be confident in our services we need to provide them with a visual security seal from a brand name that they can easily recognize and correlate with trust," said Kurt Davey, founder and chief executive officer of Neoverve, Inc., an ecommerce service provider and Web design company.

GeoTrust's SSL solutions present a wide range of cost-effective options, including standard or Extended Validation EV SSL certificates, support of up to 256-bit SSL encryption, static or dynamic GeoTrust True Site seals, and warranty protection ranging from $10,000 to $150,000. In addition, GeoTrust offers multi-domain support in the Subject Alternative Names (SANs) field for greater flexibility to work with products like Microsoft Exchange Server 2007 and Microsoft Office Communications Server 2007. Companies can sign up today for a free 30-day trial of GeoTrust SSL certificate protection.

About GeoTrust A wholly owned subsidiary of VeriSign, Inc. (VRSN 28.15, -0.30, -1.05%), GeoTrust is the world's largest low-cost digital certificate provider. More than 100,000 customers in over 150 countries trust GeoTrust to secure online transactions and conduct business over the Internet. GeoTrust's range of digital certificate and trust products enable organizations of all sizes to maximize the security of their digital transactions cost-effectively. For more information, visit

Statements in this announcement other than historical data and information constitute forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. These statements involve risks and uncertainties that could cause VeriSign's actual results to differ materially from those stated or implied by such forward-looking statements. The potential risks and uncertainties include, among others, the uncertainty of future revenue and profitability; potential fluctuations in quarterly operating results due to such factors as the inability of VeriSign to successfully develop and market new products and services and customer acceptance of any products or services, including those mentioned herein, increasing competition and pricing pressure from competing services offered at prices below our prices; and the uncertainty of whether VeriSign will achieve its stated objectives. More information about potential factors that could affect the company's business and financial results is included in VeriSign, Inc.'s filings with the Securities and Exchange Commission, including in the company's Annual Report on Form 10-K for the year ended December 31, 2009, Quarterly Reports on Form 10-Q and Current Reports on Form 8-K. VeriSign undertakes no obligation to update any of the forward-looking statements after the date of this press release.

Copyright2010 VeriSign, Inc. All rights reserved. VeriSign, the VeriSign logo, the Checkmark Circle, GeoTrust, and other trademarks, service marks, and designs are registered or unregistered trademarks of VeriSign, Inc., and its subsidiaries in the United States and in foreign countries. All other trademarks are property of their respective owners.

Internet's 1 Million Most-Visited Domains Rely on GeoTrust SSL More Than Any Other Certificate Authority.
Credit: GeoTrust

Most SSL Sites Poorly Configured

A variety of news stories issuing from the Black Hat security conference this week in Las Vegas describe presentations in which researchers highlight holes in web browser security, including widespread problems with the implementation of SSL Certificates.

According to a report appearing Thursday on the Forbes blogs, security researchers Robert Hansen and Josh Sokol presented a list of 24 reasons, Wednesday, why users shouldn’t trust their browser’s padlock security indicator, the image typically associated with sites secured by SSL certificates.

The presentation reportedly divided threats into mostly low- and medium-level threats, with two that Hansen considered critical. All of those threats, said the presenters, require the hacker to deploy a man-in-the-middle program on the user’s network.

The first of the critical flaws was a “cookie-passing” trick, in which the hacker visits a site before a user, receiving a valid cookie that he then passes to the user. When the legitimate user visits the site, the hacker’s cookie then becomes associated with the user, enabling the hacker to access to the user’s account.

The other critical issue was a technique through which a hacker can use an insecure tab in a user’s browser to send a request to install a plug-in once the user has opened a secure tab, making the request appear to come from the secure site.

All the slides from Hansen and Sokul’s presentation are embedded in the article.

SSL security and its vulnerabilities are a frequent topic at the annual Black Hat conference – which stands to reason, as it is one of the main security functions associated with ecommerce. Last year, Dan Kaminsky and Moxie Marlinspike presented vulnerabilities they had found in the issuing process for SSL certificates at the conference.

In a separate presentation at this year’s Black Hat, security researcher Ivan Ristic presented the results of a study that suggests close to 97 percent of SSL certificates are incorrectly configured, according to a report in eSecurity Planet.

Presenting the results of a study that examined 867,000 SSL certificates, Ristic said that nearly 97 percent of SSL certificates do not have the correct name on them, and don’t match the domain to which they are associated.

Of the 3 percent that matched, only one third were correctly configured – which meant, he said 2,048-bit or better encryption and the disabling of support for the SSLv2 protocol.

According to the report, Ristic speculates that the reason for the scarcity of properly-configured certificates is a lack of widespread documentation and education for the technology.

The Black Hat conference took place in Las Vegas this week, with training from July 24 to July 27, and briefings running from July 28 to July 29.

There are wide range of SSL certificates available in industry, but before purchase or renew you should look out for the best support you get from the various SSL certificates seller and reseller, you can choose RapidSSL, GeoTrust, Thawte & Verisign to secure your eCommerce website with no hassle.

Origional Source at


Twitter Delicious Facebook Digg Stumbleupon Favorites