Slide 1 - Authenticated Reseller SSL Certificate Authority

ConfidentialCompany Confidential© 2006 Comodo. All rights reserved.

Feature overview of Comodo CA.


GOAL

To provide Comodo Partners with their

own PKI certificate life cycle management

tool that would allow you to provision and

manage all global x.509 Digital Certificate

requirements for your own company as

well as any customers via online

management tools or API Integration.


Managed -Certification Services

PKI facilities: Issuance / management of X.509 Digital Certificates for:

• SSL – Full Validation Procedure.• Secure E-mail – 100% compatibility on S/MIME clients.• Trust Logo – Real time Website and card Payment verification.• SGC – Certificates available for unrivaled browser compatibility• Subordinate CA – Ability to offer Selected Partners the opportunity to become their own CA

WebTrust and EV WebTrust compliant.

• Operating under a stringent Certificate Practice Statement.• Redundant system (Backup)• Physical secure environment.• Use IBM 4758 FIPS-140-4 Level 4 devices for digital signing.• Comodo root certificates included in future Browser releases (Auto update)

Certificates recognized by 99.3% of Internet Browsers (Increasing Daily).


Comodo Partner Program Brief Benefits Summary

Zero Commitment – “Some Competitors require you to buy in expiring cert packs”

API, Integration Available

No Compromised Validation

24 / 7 / 365 Telephone Support

Ability to Sign up Tier2 Resellers

Purchase certificates on behalf of customers as an RA

Discounted pricing on RRP for volume partner accounts

Easy to use online management system “RA’s conduct the entire application, issuance and installation of an SSL

Certificate”

your own management area

Certificates are issued in minutes

Prepayment allows you to start selling SSL immediately - No monthly / annual commitments

Banding system to allow you to benefit from increased discount on higher banding.

When a Certificate is issued, the discounted price of the certificate is subtracted from your central account

Top up your account at any time to keep on top of your own success Ongoing opportunity to capture reoccurring

product sales


Comodo Reseller Program

The Reseller Program allows resellers to white label, or brand, the InstantSSL signup

process. InstantSSL certificates may be integrated into the Resellers product family

by allowing the Reseller to take payment, therefore enabling Resellers to package

InstantSSL into their current product offerings. Resellers will be offered an attractive

discount on the purchase of InstantSSL certificates through the Reseller Program.

This is no ordinary Reseller Program and requires no additional software downloads -

the Program is managed through the simple to use web interface.

Resellers can deposit funds into an online Reseller account. SSL certificates are then

available for purchase through the account at a rate determined by the deposit

amount. Certificate sales are debited from the Reseller's account balance, meaning

that you can buy 1, 2 & 3 year versions of all our SSL Certificates at greatly

discounted prices. This means that they are always in control of their funds through

the Account Manager.

Reseller Pricing Model


Webhost Resellers / RA’s

The Web Host Reseller Program is designed for ISPs and Business Hosting

companies. The program allows hosting companies to conduct the entire application,

issuance and installation process of an InstantSSL certificate on behalf of the end

customer through a web interface – no software downloads are required. Approved

hosting companies may issue Certificates for their customers at their own speed.

Hosting companies can benefit from attractive annual renewable revenue stream from

offering Comodo Certificates

Hosting companies can deposit funds into an online Web Host Reseller account. SSL

certificates are then available for purchase through the account at a rate determined by

the deposit amount. Certificate sales are debited from the Web Host Reseller's account

balance, meaning that you can buy 1, 2 & 3 year versions of all our SSL Certificates at

greatly discounted prices. This means that they are always in control of their funds

through the Account Manager.

Webhost Reseller Pricing Model


Comodo Affiliate Program

Comodo’s Highly successful Affiliate program provides organizations of all types with

a quick and easy solution designed to offer Comodo’s diverse portfolio of industry

leading SSL certificates and other Identity & Trust Assurance services. With no

integration required or development work required, you can start offering your

customers the highest industry standard SSL certificates, PCI Vulnerability Scanning

and desktop security solutions available whilst, realizing immediate revenues and

margins traditionally only available to the industry’s high volume SSL Resellers

By Simply Selecting the Comodo products that you wish to offer your customers ,

Comodo Affiliate partners have the power to build their own fully customizable suite of

SSL & Identity trust Assurance products enabling you to immediately diversify your

product portfolio and offer your customers the most trusted SSL certificate solutions

available.


Comodo Affiliates - Features

With Comodo handling all necessary backend infrastructure, payment,

provisioning and technical support components, Comodo affiliate partners

benefit from a “Zero Touch” system allowing you to focus on your core

business whilst enjoying the benefits of aligning your brand as trusted

provider.

Further Enhance there brand and there product portfolio instantly!

Immediately start generating a new and recurring revenue stream

Zero Touch Integration

Up to 50% Commissions Paid

Full reporting capabilities and management tools to monitor their success

No Upfront Payments

No Overheads


Comodo OEM Program – Powered SSL

Comodo's Powered Security Services are an industry first for service providers. Powered Security

Services allows you to provide privately labelled SSL Certificates and branded Trust Logo Site Seals to

your customers ensuring your brand value is increased and your current product offerings enhanced.

This gives organizations the ability to use the strength of their own brand to sell certificates to their

customers. Comodo operate the backend Certification Authority including high availability secure

redundant server systems, high speed FIPS 140-1 Level 4 signing devices, backup and customer

support. All SSL Certificates issued are fully supported by Comodo's industry leading customer

support department. As a powered Partner there is No need for you to invest in expensive hardware,

software and Certification Authority management costs, associated with offering your own privately

branded certificate solutions. Powered SSL essentially allows you to use Comodo's established

infrastructure to issue your own SSL Certificates to your customers maintaining you’re brand and

allowing you to Harness and Leverage the Power of your brand.


Powered SSL - Features

Offer your own range of high quality SSL certificates and further leverage your brand.

Generate greater revenues through full control over certificate profiles and price points.

Fully integrate SSL certificates into existing platforms

Offer your customers a more cost effective SSL solution with high quality certificates.

Extremely competitive wholesale discounting which will enable you to compete effectively in the SSL market place yet with a high assurance SSL offering.

Fully supported solution – Comodo will assist with any validation and support issues.

Access to Comodo’s extensive R&D and development resources.

Analyze all existing SSL activity on your customer’s domains through Comodo’s domain audit tool which will allow you to accurately promote and target competitor’s SSL certificates with your new product offering.


Comodo’s EPKI Manager, eliminates the need to invest in expensive

hardware, software, expertise and Certification Authority management

facilities associated with providing your own digital certificate solutions.

Comodo’s EPKI Manager allows organisations to issue Certificates for use

within your intranets, extranets, websites or employee’s email clients.

Comodo already provides the industry’s most cost effective Certificates

available ; however our EPKI Manager provides even greater discounts on

all Certificate purchases.

To avoid such barriers for the widespread use of Certificates within an

organization, Comodo has developed the enterprise class EPKI Manager - a

web - based console used to interface with the Comodo Certificate

Authority.

E-PKI Manager Overview


E-PKI Manager Overview

The EPKI Manager provides instant security for your web operations,

internal networks and employees email, giving you full access to an

outsourced Certificate Authority platform for all your digital certificate

requirements.

Comodo - SSL Certificate Authority EPKI Manager provides fast, and easy

management of your enterprise’s digital certificates.

When considering the implementation options for a digital certificate

solution, you will choose to opt either for an in-house PKI model, or a fully

managed outsourced model. Following the inhouse option will see

enormous costs in time, management, legal fees, development and

operational costs.


E-PKI Features at a glance

Easy to use web - based console, full API integration available (If required)

Issue high quality, fully trusted SSL Certificates

Issue Corporate Secure Email Certificates quickly to employees and

partners

Create / manage "sub users" and assign specific issuance and reporting

permissions to your users

Gain savings on standard Certificate buy prices

No extra software / hardware required

Full reporting / Certificate management


Comodo Trust logo’s Features

1.) Point to Verify:

Point to Verify Is important for your visitor as it offers the "extra" level

of confidence about "you" without your visitor having to click away!

Comodo, provides the extra confidence that your users need right

there and then within your website, using "Point to Verify" technology!

This creates a "Call to Action" and gives you something in return you

can see exactly how many times you have been authenticated by the

users as they felt the need to authenticate you and is Comodo's Trust

Logo is the only Trust Logo with Active feedback and is a unique

patented Comodo Innovation and is existent in all Comodo Logo’s.

As our Trust Logo's have this capability, it automatically encourages

the end user with this "call to action" to engage in establishing trust

with your site! now, users are encouraged to establish trust with you!

and are gently engaged and offered a way to trust you.

Point to verify technology

Extended site credentials

Eye catching design

Boost Conversion rates

Unique, Domain wide logo

Scrollbar independent

Unlimited verifications

Unique feedback facility

Trusted third party validation


Comodo Trust logo’s Features

2.) ROI (Return on Investment)

Additionally this "Active Trust Feedback" mechanism helps you identify the best ROI for

establishing trust. It provides a feedback mechanism by enabling you to position your Trust Logo

in the best ROI place on your website. The more people verify you, the more they will trust, the

more your revenue will increase!

Active Trust Feedback MechanismMore customers Trust = More Customer Conversions = Higher ROI

Use your Daily mouse-over statistics to find the optimum positioning for

your Comodo Trust Logo's, Card Payment Logo's and Hacker Guardian Shields.

3.) Unspoofibility ...

Why does it matter? we offer a 3rd layer of Trust Relationship for the concerned and educated

users, who understand the pitfalls of the internet! We offer the end users an ability to Verify your

Trust Logo and site in a manner that is not susceptible to spoofing, in return giving your customers

a total and complete piece of mind hence allowing them to truly trust you!


Extended Validation SSL

With the advent of Extended Validation SSL certificates in next generation web browsers such

as IE7, Microsoft have introduced an added complication. In order to get IE7 on Windows XP

to show the EV green bar, each CA (Certification Authority) that sells EV SSL Certificates has

had to issue a new Root Certificate. These new Root Certificates will not automatically be

installed on end-users' systems, and the EV green bar will NOT be seen until they are

somehow installed.

What makes Comodo Different from any other CA, i.e. Verisign?

Comodo EV AUTO Enhancer ™

What is Comodo EV AUTO Enhancer?

Comodo’s patent-pending EV AUTO-Enhancer™ Automatic EV Deployment and maintenance

Technology is able to install Comodo’s EV Root Certificate automatically on your customer’s

computers. They do not need to install a patch from Windows Update and you do not need to

modify any of your WebPages. In addition, Comodo’s EV AUTO-Enhancer™ guarantees to

give your customers the EV green bar immediately in IE7 (and next generation EV capable

browsers), even if they have JavaScript disabled in their browser!

Automatic EV Deployment and maintenance Technology

Click here for more information


SSL Browser Recognition

Desktop Browsers: Microsoft Internet Explorer 5.01 +

Red Hat Linux Konqueror (KDE)

Netscape 4.77 +

Firefox 0.1 +

Mozilla 0.6 +

AOL 5 +

Opera 8 +

Safari 1.2 +

Camino 1.0+

Micro Browsers /PDAs.Microsoft Windows Mobile/ CE 6.0 +

NetFront Browser v3.4 +

RIM Blackberry v4.2.1 +

KDDI Openwave v6.2.0.12 +

Apple iPhone

Opera Mini v3.0

Sony Playstation Portable

Sony Playstation 3

Additional Applications:

Google Checkout

Sun Java v1.4.1 +

SeaMonkeyExtended Validation SSL: Internet Explorer 7: (Vista)

Internet Explorer 7: (XP) Firefox 3.0 Opera 9.5

Email Clients (S/MIME): Microsoft Outlook 99+

Microsoft Outlook Express 5+

Netscape Communicator 4.51+

Mozilla Thunderbird 1.0+

Qualcomm Eudora 6.2+

Lotus Notes (6+)

Mail.app (Mac OS X)

Server PlatformsApache

BEA Weblogic

C2Net Stronghold

cPanel / Web Host Manager

Ensim Control Panel

Hsphere

IBM HTTP Server

iPlanet Server

Java Web Server (Javasoft / Sun)

Lotus Domino

Microsoft IIS

Microsoft ISA

Microsoft Live Communication Server

Microsoft Office Communication Server 2007

Microsoft SQL Server 2005

Netscape Enterprise Server

Novell ConsoleOne + Novel Webserver

OpenLDAP

Oracle HTTP Server

Plesk

Tomcat

Webmin

WebSTAR

Zeus Web Server


Comodo SSL Certificates – Key Features

99% Browser Compatibility - Root Certificates inherently trusted by

all major Web Browsers and Smartphone/Micro Browsers

Highest industry standard 128/256 bit encryption

X.509 industry standard

Extended Validation (EV) SSL Certificates for next generation web

browsers such as IE 7.0, Firefox 3.0 and Opera 9.5

SGC (Server Gated Cryptography) capable SSL certificates,

enabling strong encryption to over 99.9% of website visitors.

Full warranty (Up to $1mil US)

Unlimited re-issuance policy


The Web Trust Standard

Fully Accredited AICPA/CICA Web Trust compliant

Certification Authority – the Highest globally-recognized

standard + WebTrust for Certification Authorities –

Extended Validation Audit Criteria.

Accreditation Focuses on:

• CA Key Usage

• CA Key Destruction

• CA Key Archival

• CA Public Key Distribution

• CA Cryptographic Hardware Life Cycle Management

• Key Life Cycle Management Controls

• CA Key generation

• CA Key Storage, Backup and Recovery


Myth – Single Root Certificates are best practice

End entity certificates chained to an intermediate certificate represent the highest

possible security solutions for Certification Authorities and therefore their customers.

There exists a very small possibility, consistent amongst all certification authorities,

that the certificate used to sign end entity certificates could be compromised. The

signing process itself mandates that the signing certificate must be accessible in

order to perform the signing operation.

In the case of an intermediate certificate, the corresponding root certificate is

secured offline, eliminating the possibility of it being compromised by daily

signing processes.

End entity certificates directly signed by root certificates (i.e. no intermediate

protection) provide no recourse should the root certificate itself become

compromised. If an Intermediate were to be compromised then new intermediates

could be created and new end entity certificates could be issued.


High profile examples of Chained SSL


Aren’t intermediate certificates harder to install than direct root install certificates?

For IIS. Both Microsoft IIS 5.0 and IIS 6.0 are fully PKCS#7

compliant whereby they will automatically parse the certificate

extract the new intermediate and install it in the appropriate

certificate store. (Root certificates are also installed if previously

removed from the server.)

For Apache. Major CAs will deliver a ‘bundled’ file containing the

complete certificate chain providing a single installation method for

the certificate.

Therefore the installation process of an intermediate certificate is no

more difficult than a direct root install certificate.


CA Global Growth – Netcraft August 2007Comodo Has Largest Gain Among CAs

The Comodo Group has the largest gain of SSL-secured sites this month among

certificate authorities as it adds 5,562 sites, comfortably ahead of VeriSign, which adds

3,226 sites.

Additionally Comodo is

the CA Infrastructure

provider to numerous

other CAs


CA Offering

Comodo’s Sub-CA signing program empowers Internet service providing organizations to become their

own Certification Authority (CA), allowing them to offer an essential security product required by millions

of customers to conduct E-commerce safely and securely.

By chaining to Comodo’s highly trusted public root CA certificates which are compatible with all major

Web Browsers, organizations can issue their own range of SSL, code signing and secure email

certificates to their customers whilst further leveraging their product portfolio and reputation as a trusted

provider.


Google Trends – Comodo Vs

Comodo Vs


Comodo – Unique Selling PointsFounded in 1998

The worlds 2nd largest, fastest growing Certification Authority

Headquartered in NJ USA with global operations centres in the U.K, Japan, India and Ukraine

A fully accredited AICPA/CICA WebTrust compliant Certification Authority – the highest globally-recognized standard

8 highly trusted public Root Certificates under ownership embedded within all major Web Browsers

Comodo controls more than one-quarter of the worldwide digital certificate market

One of the most diverse and largest portfolio of PKI-based digital certificates

The only major independent SSL provider outside of the Verisign group of companies

Founding members of the Certification Authority Browser Forum, a consortium of CAs and browser industry leaders that

Through CA Browser forum the next generation of SSL certificates were derived: Extended Validation (EV) SSL

8,000 + Global Partner Network

Over 1 million digital certificates issued

Comodo customers include: 7 of the top 10 Fortune 1000, 5 of the top 7 U.S. universities, the top 2 global software providers, and 2 of the top 20 financial institutions

Award winning Trust Seal programme - “Corner of Trust” enables real time verification of more than 500,000 websites


Example Customers


https://www.ebay-education.ie/

https://www.toysrus.co.uk

https://www.Blockbuster.it

https://eu.levi.com

https://erms.samsung.com

https://www.guardian.co.uk

https://orders.halfords.com

https://www.pepsicola.co.kr

https://www.dupontsystems.com

https://www.samsunggsbn.com

https://www.gadgetshop.com

https://servicestatus.virginmedia.com

https://www.ecommerce.com/

https://www.sonystyle.co.uk

https://www.kawasaki.co.uk/

https://www.kaiserpermanente.org/

https://www.expedia.com

https://www.mbs-sbf.com/kit/store.asp

https://www.sony.co.uk/

https://www.electrolux.net/

https://www.pathe.nl/

https://www.thewhitecompany.com

https://ccs.vodafone.com/

https://www.Thomsonlocal.com

https://www.Pipex.co.uk

https://www.118.com/

https://my.netgear.com

https://www.sony-europe.com

List of over 40 top level Sony domains ALL are secured with a Comodo SSL Certificate.

https://www.expediacorporate.fr/

https://www.toshiba-europe.com/

https://www.capgemini.com

https://www.mivacentral.com/

https://www.securitas.no/

https://jobs.honda.co.uk

https://accounts.ebuyer.com

https://store.playboy.co.uk

https://www.orange.ro

https://webcheck.virginblue.com.au

https://ssl.tele2.com

https://us.Sanyo.com

https://www.redcrossfirstaidtraining.co.uk

https://www.securitas.no

High Profile reference Sites Utilizing Comodo SSL Certificates:


World Wide Operations

Corporate HQ New Jersey

USAUser Trust DivisionSalt lake City - Utah

European HQ Manchester UKLeeds R&D

Comodo Japan

Comodo Support Facility

Comodo Support Facility


Comodo Firewall Pro - Providing Increased Brand Awareness

9 Million users

500,000 new users a month.

Available in 13 Languages

Matousec:

• Matousec found that it offered the highest level of "anti-leak" protection -- in essence, a measurement of a firewall's effectiveness. Comodo offers true two-way firewall protection, is extremely configurable, and unlike most other firewalls, gives you a great view into your system and Internet connection as well. It's free, as well.

Download.com (Cnet):

• "[Comodo Firewall Pro is] a solid, state-of-the-art firewall with little reason left to ignore it. Providing a smorgasbord of information and options for advanced users, simple enough for beginners, and yet runs smoothly and silently in the background, Comodo is a prime example of what a program that mucks about with your Internet connection should be like."


Comodo offers the widest portfolio of high quality SSL Certificates to meet the needs of every business. Whether you need SSL to establish trust, meet compliance requirements, or simply to secure a web server.

Comodo SSL Certificates offer you the highest levels of encryption, authentication and security.

Slide 1 - Authenticated Reseller SSL Certificate Authority

Documents

Transcript of Slide 1 - Authenticated Reseller SSL Certificate Authority