On Wed, Aug 14, 2019 at 11:52:46PM -0700, Daniel Marschall via dev-security-policy wrote: > In old Firefox, I get a green bar if I visit google.com and paypal.com, > telling me that this is a well-known company that got the EV certificate. > The other fake domains goog1e.com and paypa1.com only have DV certificates by > Let's Encrypt.
The green bar does not indicate that it's a well-known company. It means someone payed for an EV certificate. The green bar does not in any way say it's more secure or indicate that you're talking to some trustworthy company. It only gives you a false sense of security. Kurt _______________________________________________ dev-security-policy mailing list firstname.lastname@example.org https://lists.mozilla.org/listinfo/dev-security-policy