is it not based on security settings of some sort? - Zee.

You get it from the same company you get your current encription from (like Verisign) except it costs a lot more money. - Chris Nixon

I think this is simply the SSL certificate data. - Claudio Cicali

Most SSL sites (such as Gmail) don't show this. This is the first I've seen it, in fact. What is it called and how much does it cost? - Paul Buchheit

You need to buy an Extended Validation SSL cert (http://en.wikipedia.org/wiki...). Looks like VeriSign sells them for $1,500 per year and Thawte for $900. They aren't cheap. - David Recordon

btw Paul - while i've got you here & you're not flooded with comments...is there no way to link to a particular post here on ff? - Zee.

that's not regular SSL that's SSL-EV ... SSL with Enchanced Validation ... it's more expensive then a single SSL cert .. read this link for more info http://is.gd/LIs - John Blanton from twhirl

it's by Verisign by the way ... - John Blanton from twhirl

Zee, click on "More" then "Link to this entry" - Paul Buchheit

David - thanks for the info. I have always wondered about the green bar in FF3 but never bothered to find out if it was a different type of SSL certificate. - Atul Arora

Paul, thanks a million - and there was me thinking it something you overlooked... :) - Zee.

@paul, you may read this http://tinyurl.com/4qttny first, to know what's the different between "green button" and "blue button" (green: paypal etc. blue: gmail etc). u definitly need to pay much for the "green button" - kukoo

@David @Paul sorry for the double post just saw the question and knew the answer .. should've scrolled around first ... sorry - John Blanton from twhirl

http://en.wikipedia.org/wiki.... EV certs are just another scam from VeriSign, as far as I can tell. They're sold as an anti-phishing tool, but mostly they seem like a non-solution driven mostly by the need for CAs to extract more revenue from large customers. - ⓞnor

No, EV certs are just another scam from VeriSign because their regular certs are useless for determining that somebody is who they say they are. In other words, you'll pay hundreds of dollars for a cert for friendfeed.com, but they're pretty likely to give somebody else a cert for fiendfeed.com. The only way to combat this is to pay for an EV cert because their regular verification is almost a no-op. - Gabe

@nor - Interestingly Google/Amazon dont use EV in the couple of examples I tried but eBay/Paypal do. - Atul Arora

It appears that GoDaddy has them for $400/year if you buy a 2 year cert. - Paul Buchheit

Well, a regular cert more or less says you're talking to the DNS owners of the domain listed in your address bar. Which is a service that ought to be worth about 5 cents. This one says... that you're talking with the organization that is generally known by that name? What *does* stop me from getting a business license for Fiend Feed, Inc. and so on? At some level it seems to be chasing "authenticity" which really means "will pay a bunch of money and/or fill out a bunch of annoying paperwork". - ⓞnor

What I really want is "is widely and unambiguously recognized by the community as the entity associated with that name". Where "the community" is... some big trust network centered on you and people you know? - ⓞnor

this is still far from regular idi... I mean casual consumer :) they shall say how much you are INSURED on your login when you come to this site, and insurance expressed in money, with sum signed by issuer into server side SSL certificate - only then you know for how much you are protected :) names are like talk - cheap :) - A.T.