On 12/23/2014 9:20 PM, Tom Metro wrote:
The point stands that in the beginning, there weren't choices for cert levels. And as you point out, there were significant labor costs involved for what they did provide. So it would be illogical for someone to mandate that they give away that service.
That's because what you call "basic" and "extended verification" are the same thing as far as X.509 PKI as designed is concerned. X.509 is an identity management specification. A CA issues you a certificate only after it has verified that you are who you say you are. In a government or commercial agency this would be tied to the hiring process. In an education setting it would be tied to the enrollment process. Issuing X.509 certificates without performing these so-called extended verifications is a failure to correctly implement X.509 PKI.
-- Rich P. _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
