Slide 1 - Authenticated Reseller SSL Certificate Authority


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Slide 1 - Authenticated Reseller SSL Certificate Authority

  1. 1. Feature overview of Comodo CA. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  2. 2. GOAL To provide Comodo Partners with their own PKI certificate life cycle management tool that would allow you to provision and manage all global x.509 Digital Certificate requirements for your own company as well as any customers via online management tools or API Integration. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  3. 3. Managed -Certification Services PKI facilities: Issuance / management of X.509 Digital Certificates for: • SSL – Full Validation Procedure. • Secure E-mail – 100% compatibility on S/MIME clients. • Trust Logo – Real time Website and card Payment verification. • SGC – Certificates available for unrivaled browser compatibility • Subordinate CA – Ability to offer Selected Partners the opportunity to become their own CA WebTrust and EV WebTrust compliant. • Operating under a stringent Certificate Practice Statement. • Redundant system (Backup) • Physical secure environment. • Use IBM 4758 FIPS-140-4 Level 4 devices for digital signing. • Comodo root certificates included in future Browser releases (Auto update) Certificates recognized by 99.3% of Internet Browsers (Increasing Daily). Company Confidential © 2006 Comodo. All rights reserved. Confidential
  4. 4. Comodo Partner Program Brief Benefits Summary Zero Commitment – “Some Competitors require you to buy in expiring cert packs” API, Integration Available No Compromised Validation 24 / 7 / 365 Telephone Support Ability to Sign up Tier2 Resellers Purchase certificates on behalf of customers as an RA Discounted pricing on RRP for volume partner accounts Easy to use online management system “RA‟s conduct the entire application, issuance and installation of an SSL Certificate” your own management area Certificates are issued in minutes Prepayment allows you to start selling SSL immediately - No monthly / annual commitments Banding system to allow you to benefit from increased discount on higher banding. When a Certificate is issued, the discounted price of the certificate is subtracted from your central account Top up your account at any time to keep on top of your own success Ongoing opportunity to capture reoccurring product sales Company Confidential © 2006 Comodo. All rights reserved. Confidential
  5. 5. E-PKI Manager Overview Comodo‟s EPKI Manager, eliminates the need to invest in expensive hardware, software, expertise and Certification Authority management facilities associated with providing your own digital certificate solutions. Comodo‟s EPKI Manager allows organisations to issue Certificates for use within your intranets, extranets, websites or employee‟s email clients. Comodo already provides the industry‟s most cost effective Certificates available ; however our EPKI Manager provides even greater discounts on all Certificate purchases. To avoid such barriers for the widespread use of Certificates within an organization, Comodo has developed the enterprise class EPKI Manager - a web - based console used to interface with the Comodo Certificate Authority. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  6. 6. E-PKI Manager Overview The EPKI Manager provides instant security for your web operations, internal networks and employees email, giving you full access to an outsourced Certificate Authority platform for all your digital certificate requirements. Comodo - SSL Certificate Authority EPKI Manager provides fast, and easy management of your enterprise‟s digital certificates. When considering the implementation options for a digital certificate solution, you will choose to opt either for an in-house PKI model, or a fully managed outsourced model. Following the inhouse option will see enormous costs in time, management, legal fees, development and operational costs. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  7. 7. E-PKI Features at a glance Easy to use web - based console, full API integration available (If required) Issue high quality, fully trusted SSL Certificates Issue Corporate Secure Email Certificates quickly to employees and partners Create / manage "sub users" and assign specific issuance and reporting permissions to your users Gain savings on standard Certificate buy prices No extra software / hardware required Full reporting / Certificate management Company Confidential © 2006 Comodo. All rights reserved. Confidential
  8. 8. Comodo Trust logo‟s Features 1.) Point to Verify: Point to Verify Is important for your visitor as it offers the "extra" level of confidence about "you" without your visitor having to click away! Comodo, provides the extra confidence that your users need right there and then within your website, using "Point to Verify" technology! This creates a "Call to Action" and gives you something in return you Point to verify technology can see exactly how many times you have been authenticated by the Extended site credentials users as they felt the need to authenticate you and is Comodo's Trust Eye catching design Logo is the only Trust Logo with Active feedback and is a unique Boost Conversion rates patented Comodo Innovation and is existent in all Comodo Logo‟s. Unique, Domain wide logo As our Trust Logo's have this capability, it automatically encourages Scrollbar independent the end user with this "call to action" to engage in establishing trust Unlimited verifications with your site! now, users are encouraged to establish trust with you! Unique feedback facility and are gently engaged and offered a way to trust you. Trusted third party validation Company Confidential © 2006 Comodo. All rights reserved. Confidential
  9. 9. Comodo Trust logo‟s Features 2.) ROI (Return on Investment) Additionally this "Active Trust Feedback" mechanism helps you identify the best ROI for establishing trust. It provides a feedback mechanism by enabling you to position your Trust Logo in the best ROI place on your website. The more people verify you, the more they will trust, the more your revenue will increase! Active Trust Feedback Mechanism More customers Trust = More Customer Conversions = Higher ROI Use your Daily mouse-over statistics to find the optimum positioning for your Comodo Trust Logo's, Card Payment Logo's and Hacker Guardian Shields. 3.) Unspoofibility ... Why does it matter? we offer a 3rd layer of Trust Relationship for the concerned and educated users, who understand the pitfalls of the internet! We offer the end users an ability to Verify your Trust Logo and site in a manner that is not susceptible to spoofing, in return giving your customers a total and complete piece of mind hence allowing them to truly trust you! Company Confidential © 2006 Comodo. All rights reserved. Confidential
  10. 10. Extended Validation SSL With the advent of Extended Validation SSL certificates in next generation web browsers such as IE7, Microsoft have introduced an added complication. In order to get IE7 on Windows XP to show the EV green bar, each CA (Certification Authority) that sells EV SSL Certificates has had to issue a new Root Certificate. These new Root Certificates will not automatically be installed on end-users' systems, and the EV green bar will NOT be seen until they are somehow installed. What makes Comodo Different from any other CA, i.e. Verisign? Comodo EV AUTO Enhancer ™ What is Comodo EV AUTO Enhancer? Comodo‟s patent-pending EV AUTO-Enhancer™ Automatic EV Deployment and maintenance Technology is able to install Comodo‟s EV Root Certificate automatically on your customer‟s computers. They do not need to install a patch from Windows Update and you do not need to modify any of your WebPages. In addition, Comodo‟s EV AUTO-Enhancer™ guarantees to give your customers the EV green bar immediately in IE7 (and next generation EV capable browsers), even if they have JavaScript disabled in their browser! Automatic EV Deployment and maintenance Technology Click here for more information Company Confidential © 2006 Comodo. All rights reserved. Confidential
  11. 11. SSL Browser Recognition Server Platforms Apache BEA Weblogic C2Net Stronghold Desktop Browsers: Micro Browsers /PDAs. cPanel / Web Host Manager Microsoft Internet Explorer 5.01 + Microsoft Windows Mobile/ CE 6.0 + Ensim Control Panel Red Hat Linux Konqueror (KDE) NetFront Browser v3.4 + Hsphere Netscape 4.77 + RIM Blackberry v4.2.1 + IBM HTTP Server Firefox 0.1 + KDDI Openwave v6.2.0.12 + iPlanet Server Mozilla 0.6 + Apple iPhone Java Web Server (Javasoft / Sun) AOL 5 + Opera Mini v3.0 Lotus Domino Opera 8 + Sony Playstation Portable Microsoft IIS Safari 1.2 + Sony Playstation 3 Microsoft ISA Camino 1.0+ Microsoft Live Communication Server Microsoft Office Communication Server 2007 Additional Applications: Email Clients (S/MIME): Microsoft SQL Server 2005 Google Checkout Microsoft Outlook 99+ Netscape Enterprise Server Sun Java v1.4.1 + Microsoft Outlook Express 5+ Novell ConsoleOne + Novel Webserver SeaMonkey Netscape Communicator 4.51+ OpenLDAP Mozilla Thunderbird 1.0+ Oracle HTTP Server Qualcomm Eudora 6.2+ Plesk Lotus Notes (6+) Tomcat Extended Validation SSL: (Mac OS X) Webmin Internet Explorer 7: (Vista) WebSTAR Internet Explorer 7: (XP) Zeus Web Server Company Confidential © 2006 Comodo. All rights reserved. Confidential
  12. 12. Comodo SSL Certificates – Key Features 99% Browser Compatibility - Root Certificates inherently trusted by all major Web Browsers and Smartphone/Micro Browsers Highest industry standard 128/256 bit encryption X.509 industry standard Extended Validation (EV) SSL Certificates for next generation Web Browsers such as Internet Explorer 7 SGC (Server Gated Cryptography) capable SSL certificates, enabling strong encryption to over 99.9% of website visitors. Full warranty (Up to $1mil US) Unlimited re-issuance policy Company Confidential © 2006 Comodo. All rights reserved. Confidential
  13. 13. The Web Trust Standard Fully Accredited AICPA/CICA Web Trust compliant Certification Authority – the Highest globally-recognized standard + WebTrust for Certification Authorities – Extended Validation Audit Criteria. Accreditation Focuses on: • CA Key Usage • Key Life Cycle Management Controls • CA Key Destruction • CA Key generation • CA Key Archival • CA Key Storage, Backup and Recovery • CA Public Key Distribution • CA Cryptographic Hardware Life Cycle Management Company Confidential © 2006 Comodo. All rights reserved. Confidential
  14. 14. Myth – Single Root Certificates are best practice End entity certificates chained to an intermediate certificate represent the highest possible security solutions for Certification Authorities and therefore their customers. There exists a very small possibility, consistent amongst all certification authorities, that the certificate used to sign end entity certificates could be compromised. The signing process itself mandates that the signing certificate must be accessible in order to perform the signing operation. In the case of an intermediate certificate, the corresponding root certificate is secured offline, eliminating the possibility of it being compromised by daily signing processes. End entity certificates directly signed by root certificates (i.e. no intermediate protection) provide no recourse should the root certificate itself become compromised. If an Intermediate were to be compromised then new intermediates could be created and new end entity certificates could be issued. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  15. 15. High profile examples of Chained SSL Company Confidential © 2006 Comodo. All rights reserved. Confidential
  16. 16. Aren’t intermediate certificates harder to install than direct root install certificates? For IIS. Both Microsoft IIS 5.0 and IIS 6.0 are fully PKCS#7 compliant whereby they will automatically parse the certificate extract the new intermediate and install it in the appropriate certificate store. (Root certificates are also installed if previously removed from the server.) For Apache. Major CAs will deliver a „bundled‟ file containing the complete certificate chain providing a single installation method for the certificate. Therefore the installation process of an intermediate certificate is no more difficult than a direct root install certificate. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  17. 17. CA Global Growth – Netcraft August 2007 Comodo Has Largest Gain Among CAs The Comodo Group has the largest gain of SSL-secured sites this month among certificate authorities as it adds 5,562 sites, comfortably ahead of VeriSign, which adds 3,226 sites. Additionally Comodo is the CA Infrastructure provider to numerous other CAs Company Confidential © 2006 Comodo. All rights reserved. Confidential
  18. 18. CA Offering Comodo‟s Sub-CA signing program empowers Internet service providing organizations to become their own Certification Authority (CA), allowing them to offer an essential security product required by millions of customers to conduct E-commerce safely and securely. By chaining to Comodo‟s highly trusted public root CA certificates which are compatible with all major Web Browsers, organizations can issue their own range of SSL, code signing and secure email certificates to their customers whilst further leveraging their product portfolio and reputation as a trusted provider. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  19. 19. Google Trends – Comodo Vs Comodo Vs Company Confidential © 2006 Comodo. All rights reserved. Confidential
  20. 20. Comodo – Unique Selling Points Founded in 1998 The worlds 2nd largest, fastest growing Certification Authority Headquartered in NJ USA with global operations centres in the U.K, Japan, India and Ukraine A fully accredited AICPA/CICA WebTrust compliant Certification Authority – the highest globally-recognized standard 8 highly trusted public Root Certificates under ownership embedded within all major Web Browsers Comodo controls more than one-quarter of the worldwide digital certificate market One of the most diverse and largest portfolio of PKI-based digital certificates The only major independent SSL provider outside of the Verisign group of companies Founding members of the Certification Authority Browser Forum, a consortium of CAs and browser industry leaders that Through CA Browser forum the next generation of SSL certificates were derived: Extended Validation (EV) SSL 8,000 + Global Partner Network Over 1 million digital certificates issued Comodo customers include: 7 of the top 10 Fortune 1000, 5 of the top 7 U.S. universities, the top 2 global software providers, and 2 of the top 20 financial institutions Award winning Trust Seal programme - “Corner of Trust” enables real time verification of more than 500,000 websites Company Confidential © 2006 Comodo. All rights reserved. Confidential
  21. 21. Example Customers Company Confidential © 2006 Comodo. All rights reserved. Confidential
  22. 22. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  23. 23. High Profile reference Sites Utilizing Comodo SSL Certificates: List of over 40 top level Sony domains ALL are secured with a Comodo SSL Certificate. Company Confidential © 2006 Comodo. All rights reserved. Confidential
  24. 24. World Wide Operations European HQ Manchester UK Leeds R&D Comodo Japan Comodo Corporate HQ Support User Trust Division New Jersey Facility Salt lake City - Utah USA Comodo Support Facility Company Confidential © 2006 Comodo. All rights reserved. Confidential
  25. 25. Comodo Firewall Pro - Providing Increased Brand Awareness 9 Million users 500,000 new users a month. Available in 13 Languages Matousec: • Matousec found that it offered the highest level of "anti-leak" protection -- in essence, a measurement of a firewall's effectiveness. Comodo offers true two-way firewall protection, is extremely configurable, and unlike most other firewalls, gives you a great view into your system and Internet connection as well. It's free, as well. (Cnet): • "[Comodo Firewall Pro is] a solid, state-of-the-art firewall with little reason left to ignore it. Providing a smorgasbord of information and options for advanced users, simple enough for beginners, and yet runs smoothly and silently in the background, Comodo is a prime example of what a program that mucks about with your Internet connection should be like." Company Confidential © 2006 Comodo. All rights reserved. Confidential
  26. 26. Comodo offers the widest portfolio of high quality SSL Certificates to meet the needs of every business. Whether you need SSL to establish trust, meet compliance requirements, or simply to secure a web server. Comodo SSL Certificates offer you the highest levels of encryption, authentication and security. Company Confidential © 2006 Comodo. All rights reserved. Confidential