(Author here, replying with my old openid account due to rate limit.)
The 'freshness' is possible because it's a domain validated certificate - domain validated certificates are < 1 min, and normally cheap or free, as all you have to do to get a domain-validated cert is have an official sounding email address, publish a DNS text record, or some other way to show you have control of the domain. Domain validation doesn't require any investigation of the identity behind that domain, which is why they don't show the company name or the green bar. In Edge, domain validated certs show a hollow grey lock. [1]
EV certificates require checking the actual company - government registration, business status (eg, do you pay your taxes), does the person requesting the certificate have authority to take actions on behalf of the company, does the company have a verifiable physical address, and more [1]. They then show that company's identity in the certificate and browser - as the company name in a green bar.
Nearly everyone you speak to will quote a either a vague figure or 7-10 days to provide an EV cert.
CertSimple only does EV, and our average certificate issuance time is 5 hours. We've been doing them even faster than that recently - check the tweets on the front page of the site. A big part of that is that CertSimple checks a whole bunch of your company's information before you pay us any money. [2]
If you're not a company, or registered organization, or government department, you can't get an EV certificate right now. The cabforum EV guidelines [1] don't currently have provision for individuals.
I know that sucks. Especially when there is already capability to use government IDs for individuals in the EV guidelines for checking e.g. company directors in some cases [1].
But here's why:
- The certificate subject for an EV cert, i.e. the thing the CA is attesting to by signing your certificate is the unique in the jurisdiction registration ID.
Eg, visit https://github.com and click the certificate in Chrome - you can see GitHub is Delaware company 5157550.
The subject for an individual version of an EV cert would needs to be:
- unique in the jurisdiction
- publicly revealable
You couldn't use the number of the ID checked, since passport numbers, drivers license numbers and other are considered 'High Risk Confidential Information' in much of the world [2]
Unfortunately such a document don't exist in much of the world.
"Meet my two twin sons, Collision (pronounced cole-eye-zon, we call him Cole for short) and Collision (pronounced call-iss-on, though we like to call him Colin)."
The point is that "this is unique enough" is not a good standard when the data is sketchy or even subject to manipulation. The corporate ID numbers otherwise being discussed are unique by fiat.
