Edward Ned Harvey (blu) wrote:
> If that argument holds, then *no* certificate authority should be
> able to charge for issuing certs.
That's a good idea. No, seriously.
It doesn't appear that a central organization holds sway over CAs,
unlike they way ICANN rules over domain registries, but if t
On 12/22/2014 10:43 PM, Tom Metro wrote:
Probably a big reason this never happened is that when CAs were being
established, all that existed were basic certs. The extended validation
certs and other value added services were only thought up later. Once
the industry was established, hard to correc
Richard Pieri wrote:
> Tom Metro wrote:
>> Probably a big reason this never happened is that when CAs were being
>> established, all that existed were basic certs.
>
> The early certificate authorities...were all about identity
> verification. ...the handful of extant CAs bothered with things like
On 12/23/2014 9:20 PM, Tom Metro wrote:
The point stands that in the beginning, there weren't choices for cert
levels. And as you point out, there were significant labor costs
involved for what they did provide. So it would be illogical for someone
to mandate that they give away that service.
T