Digital certificates are all about trust: basically the CA is vouching for the identity of the Web site
Although the level of proof varies. For my own domain (a .me.uk) I was required to add a record to my DNS. I did this by emailing my registrar who always do anything I ask regarding my domain even if I accidentally use my work email account and thus have no obvious link to it. As it happens they were a bit slow in responding and GoDaddy eventually accepted my certificate before my registrar made the change.
So I apparently got a certificate from GoDaddy just because I paid them £40 on a credit card.
Oh well. Hopefully .com and .co.uk require more careful vetting :-/
Biting the hand that feeds IT
