Re: Flowchart covering SSL checks, error states, dialogs

2007-02-02 Thread Heikki Toivonen
Nelson B wrote: > beltzner wrote: >> On 2/1/07, Gervase Markham <[EMAIL PROTECTED]> wrote: >>> Not to my knowledge. Such a thing would be fantastic! >> What I was able to offer the W3C was: >> >> http://www.w3.org/2006/WSC/wiki/NoteMozillaCertificateValidationErrors >> >> But if someone could help

Re: EV guidelines

2007-02-02 Thread Boris Zbarsky
Ben Bucksch wrote: See below. Natural persons have a passport As pointed out several times now, this is not strictly true. Unless by "passport" you mean "some sort of government-issued ID". A "passport" is a "government-issued ID that allows you to leave the country no questions asked", whic

Re: EV guidelines

2007-02-02 Thread Ben Bucksch
Florian Weimer wrote: I don't think the register of companies is useful for this purpose. Anyone can get on it. Sure you can get on it, but under which name? You can't incorporate "eBay GmbH" in Germany, because there's already a company in that name, nor "eBay Internet Services GmbH" or w

Re: EV guidelines

2007-02-02 Thread Ben Bucksch
Gervase Markham wrote: Some comments on your post. Please understand that I'm not being defensive about EV, or claiming that it's perfect - I just want to test your arguments a little bit. OK. My thought is that we don't have many chances to push things like that and have users consider it. I

Re: EV guidelines

2007-02-02 Thread Duane
Florian Weimer wrote: > Personally, I think that in order to make a difference, EV > certificates must verify not only that the certificate holder is in > control of embedded domain names (the usual EV CPS is basically > equivalent to domain-control certificates in this area), but also that > the

Re: EV guidelines

2007-02-02 Thread Florian Weimer
* Ben Bucksch: > We need to connect online business with real world business. I want to > have somebody to sue - who won't vanish when poked at. And I want that > the info in the cert is actually correct. > > I really thing that every CA-issued certificate must be verified using > the following st

Re: EV guidelines

2007-02-02 Thread Gervase Markham
Ben, Some comments on your post. Please understand that I'm not being defensive about EV, or claiming that it's perfect - I just want to test your arguments a little bit. Ben Bucksch wrote: EV solution by the "CA/Browser Forum": A bunch of CAs came up with a proposal of a new cert standard.

Re: Flowchart covering SSL checks, error states, dialogs

2007-02-02 Thread Nelson B
beltzner wrote: > On 2/1/07, Gervase Markham <[EMAIL PROTECTED]> wrote: >> Not to my knowledge. Such a thing would be fantastic! > > What I was able to offer the W3C was: > > http://www.w3.org/2006/WSC/wiki/NoteMozillaCertificateValidationErrors > > But if someone could help me construct the wor