Robert Sayre wrote:
> It seems like EV certs are claiming to provide the sort of protection
> regular certificates were initially supposed to provide.

Yes, basically.

> Could you explain why this is not a bait and switch, because it looks
> that way to me.

I don't understand what you mean by "bait and switch" in this context.

Certificates may, at one time, have had good vetting behind them.
However, because there were no standards, that led to a race to the
bottom, where some CAs tried to cut corners and costs, knowing that
their certs would still turn on the padlock. This devalued the padlock -
and it remains devalued today.

We could rehabilitate the padlock by examining carefully the issuing
practices of all existing CAs, throwing them into two buckets marked
"good enough" and "not good enough", and not displaying the padlock for
the second lot. This would a) be a great deal of work, if it were even
possible to get access to each CA's proprietary processes, and b) break
half the SSL web when we threw out some of the root certificates.

Alternatively, we could start again with a new UI indicator, this one
actually backed by an objective standard and a minimum level of vetting.
Which is the idea behind EV.

> Surely we should support them, just like we do normal certificates, but
> I don't see why we should present them any differently in the UI.

Because they would then be differentiated from existing certificates
which don't provide the sort of protection etc. etc.

Gerv
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security