Internet Explorer 7 Extended Verification Certificates and the Phishing Filter

IE7’s Phishing filter, which is supposed to be a layer of defense against Internet bad guys, drives me crazy.  The performance impact is noticeable, since every DNS request made by the browser has to be redirected to Microsoft to be checked against a database of known malicious sites.  I typically disable the Phishing filter the first time I start a fresh IE7 installation because of this problem. 

Unfortunately, one of the nice things that was present in IE7 that disappears once the Phishing filter is disabled is the green bar that shows you are on a web site that uses Extended Validation (EV) certificates.  EV certs are harder to obtain because the end user must pass a more rigorous identity verification screening process in order to purchase the certificate.  According to Verisign:

“Extended Validation SSL Certificates were created in direct response to the rise in Internet fraud, eroding consumer confidence in online transactions. In 2005, 84% of respondents to a Forrester Research study said they don’t think retailers are doing enough to protect their customers online and 24% did not make purchases online due to security concerns.* Before customers share their confidential data online, they want proof of identification from a trusted source. The Extended Validation SSL Standard raises the bar on verification of SSL Certificates and enables visual displays in high security browsers.”

You can see IE7 is not displaying the EV Certificate green bar for when the Phishing filter is disabled.

I’m not sure what the rationale was behind the decision to make the EV certificate display go away when the Phishing filter is not in use, but here’s how to re-enable it in IE7:

In Internet Explorer select Tools – Internet Options – Advanced.  Down at the bottom of the list check the Check for Server Certificate Revocation box.  Restart Internet Explorer for the change to take effect.

Now you can see the green bar associated with Paypal’s EV certificate is visible.

Please see Microsoft KB 928089 for a Phishing filter patch that may increase performance.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: