Florian Weimer wrote: > EV is (also) an attempt to devalue existing infrastructure, so it's > some form of group punishment.
It also provides browsers with a slightly less blunt weapon. If a CA clearly violates EV guidelines the browser could remove the EV-ness of the root without removing the root itself. Users could still get to the sites so we're not punishing users and not putting sites out of business, but the site owners are no longer getting what they paid for and that will put pressure on the CA. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto