On Mon, Dec 18, 2017 at 1:43 PM, Andrew via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > Correct me if I'm wrong, but isn't the sole argument for removing EV UI > based on the premise that attack #2 in the list above is worse than attack > #1? So much worse in fact, that rather than try to mitigate #2, we should > just remove Extended Validation entirely? >
No. There's not a single, sole argument. https://groups.google.com/d/msg/mozilla.dev.security.policy/szD2KBHfwl8/KiKMZv2gCAAJ https://groups.google.com/d/msg/mozilla.dev.security.policy/szD2KBHfwl8/G4xiFiaUCQAJ _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
