If you look at the phishing data feeds and correlate them with EV certificates, you'll find out that Tim's "speculation" is right.
In my experience, it's generally a bad idea to disagree with Tim Shirley. -Tim > -----Original Message----- > From: dev-security-policy [mailto:dev-security-policy- > [email protected]] On Behalf Of Tim > Shirley via dev-security-policy > Sent: Wednesday, December 13, 2017 3:35 PM > To: [email protected] > Cc: [email protected]; Gervase Markham > <[email protected]> > Subject: Re: On the value of EV > > No, I’m not presuming that; that’s why I put the ? after never. I’ve never > heard > of any, so it’s possible it really is never. But I’m pretty confident in at > least the > “rare” part because I’m sure if you knew of any you’d be sharing examples. ;) > > > From: Ryan Sleevi <[email protected]> > Reply-To: "[email protected]" <[email protected]> > Date: Wednesday, December 13, 2017 at 5:03 PM > To: Tim Shirley <[email protected]> > Cc: Gervase Markham <[email protected]>, "mozilla-dev-security- > [email protected]" <[email protected]> > Subject: Re: On the value of EV > > "The very fact that EV certs are rarely (never?) used" is, of course, > unsubstantiated with data. It's a logically flawed argument - you're presuming > that non-existence is proof of non-existence. > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://clicktime.symantec.com/a/1/1mqhGL6xJbzNGRpvF0vTa3WSnEAQZQF > 5K8VgNSFvl4s=?d=gqGQYeASiQy2N3lU7K- > sEhOlQFbmNC2fxAOHBYelo4XflHuD2J9CzlFlH1A4n9gPmfRm7PO65FrdOoGfE > G4_NkKF6- > 8MK2zsOPqWmmn1vGp6Vnisxb3aI7shACwoWBG13n7WdXQU7nSrm_tFvcoN > 9O0NKUrlWvavx4iSGiiXzsDv01k8TE8-Yo_fPj- > 3jovLn9wEG58glLeHrORIeDZBuxW2AhHJoW4MJTAlfEcVHypFeL1oqs8zKB9LvE > VIUjqp3uKWLp2zpjq2Kig_eG7zbANgxreRmS4W7SCFZQXf6wwvzxDRQsu0mq- > AEES6RX6E2oLIYUPGOm92xX7muZtDJiATEc4W4zkWK-OgxI-llU1e4nM-gBlD- > MdN6MEdFgK31iyhAmp9nahN24LYmBIOZcmZtNEVVi8xWXSKfZ4HRQ94ZCQx > mxlJBA%3D%3D&u=https%3A%2F%2Flists.mozilla.org%2Flistinfo%2Fdev- > security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
