A domain validated certificate is the most rudimentary type of certificate, in terms of validating the website owner’s identity and legitimate claim to the domain. It basically asserts that the certificate was authorized by the domain name owner, and that is the extent of it. It does not guarantee that the website owner is a legitimate entity. While the SSL session is guaranteed encrypted, this is done in the absence of any assertion of confidence in the credibility of the website owner. This can leave open the possibility for phishing or “man in the middle” attacks and scams, and should not be used for commercial websites which involve significant financial transactions, particularly where government oversight and regulation may be involved.