On 12/27/2008 02:34 PM, Gervase Markham:
One of the points of EV was to allow us to act against a CA without massive collateral damage. We can remove EV status from a root without disabling the root entirely.
Which unfortunately isn't really effective for the issue we are facing today. Removing EV status would be applicable in case the EV guidelines wouldn't be fulfilled by a CA. It's absolutely useless otherwise. Or would you suggest that because a CA doesn't perform its duties for regular certs to disable EV, even though their EV business practices are in complete compliance with the EV guidelines?
I think the opposite should be explored more clearly. Disable a root except in case it's an EV cert. Think about it...
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
