In a nutshell, EV certificates are a bit of a marketing ploy. Certificate Authorities, or specifically, Registration Authorities are supposed to validate the identity of those requesting certificates anyway. The actual technology behind “normal” certificates and EV certificates is exactly the same. If the RA’s were diligent before allowing CA’s to issue certificates, there would be no need for über-checked certificates.

Also, anyone can issue an EV certificate. One can do it using openssl. However, your browser isn’t preconfigured to trust them.

Wadeaminnit, wadeaminnit—that last screenshot indicates that you’ve solved an unrelated problem, to which I didn’t know a solution existed.  If I type a URL that includes me.com (I’ve tried several, including https://auth.me.com/, for example, as well as http://www.me.com/) in Safari on an iPhone or iPod touch, I don’t get the MobileMe website—as far as I was aware, doing this always results in redirection to instructions for how to link the iPhone/iPod to one’s MobileMe account directly (i.e., through Mail, Calendar, Contacts, ...).  This is usually fine—why would you want to use the website interface to connect to your MobileMe data when you can use native apps instead?—but occasionally I have had a reason to check my wife’s account from my iPod touch, or mine from her iPhone, which this behavior prevents.  How did you actually get the website interface to open in iPhone/iPod Safari?

This is a great tutorial on recognizing EV certs, especially on the iPhone, the interface of which is slightly different from a normal browser. However, as a VeriSign online evangelist I also wanted to respectfully reply to some of the prior comments here. EV SSL is actually not the same as ordinary ssl technology—the green url bar itself, for example, is virtually impossible for phishers to replicate, adding a layer of confidence for consumers visiting websites that are likely for phishers to target. Additionally, while CAs are indeed required to check the identity of ordinary cert holders, EV SSL certs were developed to add more trust to websites that also need data point encryption, and the only way to acquire one is to purchase from an appropriate vendor and undergo a thorough CA background check (which requires information that is not required to obtain an ordinary cert and never has been). Bottom line: EV SSL provides more protection due to technology and procurement process.

@Joseph A’Deo, I’m going to call BS on the EV cert. marketing nonsense. Yes, there is more process involved in getting an EV cert. And, yes, browsers draw a pretty green widget on the screen, but there is no fundamental difference between a X.509 cert. without the extended attribute and one with. If the extended attribute is present, the browser draws the widget. The over-the-wire encryption is exactly the same.

EV certs. were only created because CA’s (especially Verisign) dropped the ball in the trust department.

http://www.microsoft.com/technet/security/Bulletin/MS01-017.mspx

Imagine a state issuing a $100 premium drivers license that had special gold trim signifying that at the time you were issued the license, the state official actually measured your height and weight and eye color prior to issuing the license. Then when someone needed to see your ID, they could tell from the gold trim that you really were 5’10”, 175 lbs. and blue eyes. Awesome.

One might say that the state official could verify that you really were who you claimed to be with extra background checks prior to issuing the license and that would justify the extra $100. Except verifying the applicant’s identity was something they were supposed to do with in the first place with the original license.