Eddy Nigg (StartCom Ltd.) wrote:
Gerv, I think that no new CA certificates are added within the the same
release. Therefore only between major releases they are added. If you
look at https://bugzilla.mozilla.org/show_bug.cgi?id=351756 you can see,
that this was added before the FF2 release,
Eddy Nigg (StartCom Ltd.) wrote:
Johnathan Nightingale [EMAIL PROTECTED] wrote:
Imagine that we found a way to clearly present to the user:
+ Your connection is encrypted
+ The site's identity has been verified
+ You've been here many times before
+ This site is trusted by (your friends |
Johnathan Nightingale wrote:
1. To a first approximation my sense is that, unsurprisingly, EV and
Eddy's proposal are trying to accomplish the same thing: strengthening
the internet's TLS/SSL certificate infrastructure to provide stronger
identity verification.
Actually, I'm afraid I
Eddy Nigg (StartCom Ltd.) wrote:
Perhaps this is somewhat premature, but I nevertheless would like to
suggest a path for implementation and practical steps for implementation
of the multi-level proposal we put forward.
It is premature. :-) For a start, the proposal does not have anything
Gervase Markham wrote:
You mean, you are not happy anymore about Geotrust/Comodo business?
Regfly has no connection to Mozilla whatsoever...
Indeed not.
Well, what I meant is, that Regfly has not direct responsibility to
Mozilla. They are not a CA root, therefore the parent CA is responsible
Gervase Markham wrote:
Eddy Nigg (StartCom Ltd.) wrote:
Let's assume for the sake of argument that we are no longer happy
about FlySSL's business.
You mean, you are not happy anymore about Geotrust/Comodo business?
Regfly has no connection to Mozilla whatsoever...
Indeed not.
I guess it
Gervase Markham wrote:
Eddy Nigg (StartCom Ltd.) wrote:
That's right! But the audit confirms exactly that (in your example,
no verification). The CA will have to mark its certificates compared
to its policy which was audited accordingly.
Why will they have to?
Because they would like to
Nelson Bolyard wrote:
Exactly. But there IS NO following information.
The page says:
Unique Identifier
CUI:1869067182
Domain Name:registerfly.com
Country:US
State: New Jersey
Locality: Boonton
Organization: RegisterFly.com, inc.
Disclaimer: The following
Alaric Dailey wrote:
than doing things right. For example SSL for identification is
worthless without DNS being secured, and no-one on any list wants to
talk about that. Unfortunately, the number people who actually
I don't understand how you can claim this. SSL *is* the solution to
Alaric Dailey wrote:
Heikki Toivonen wrote:
Alaric Dailey wrote:
SSL for identification is worthless without DNS being secured, and
no-one on any list wants to talk about that.
I don't understand how you can claim this. SSL *is* the solution to
insecure DNS. Could you explain?
I
10 matches
Mail list logo