In a correctly run and operated CA, a team of trained RA Administrators manually check and verify every request for an SSL Certificate following an internationally recognised practice known as validations.
For expedience and to save on cost, some CAs automate the Validation process so that the CA can deliver its Certificates cheaply and without the need for manual Validations. The Certificates are delivered quickly, but an automated Validations process is flawed and can undermine the integrity and values of the Certificates it issues.
Regardless of how you request a Certificate, the RA should validate the request and then issue the Certificate. Automated Certificate issuance from a CA is only one part of the overall Certificate life cycle and what it saves in expedience, it looses in security. Digi-Sign would only recommend using automated Certificates for very specific, closed environments where Certificate integrity is easily controlled. A customised version of Digi-CA™ would be a good example of a closed and customised environment where automation can be implemented without affecting the security or integrity of the validations process.
Two-factor authentication, Machine Readable Travel Documents [MRTD ] systems, national ID card systems, web access control, e Passports, device-to-device authentication and two factor authentication, can all require use Certificates. Integral to all of these environments is the requirement for digital authentication, digital identification, digital encryption, digital stamping and/or digital signing and being able to support these transactions with a legally binding infrastructure.