On Sun, Aug 18, 2019 at 09:14:52AM +0200, Paul van Brouwershaven wrote:
> On Sun, 18 Aug 2019, 07:18 Matt Palmer via dev-security-policy, <
> dev-security-policy@lists.mozilla.org> wrote:
> > On Thu, Aug 15, 2019 at 05:58:56PM +0000, Doug Beattie via
> > dev-security-policy wrote:
> > > Shouldn’t the large enterprises that see a value in identity (as
> > > does GlobalSign) drive the need for ending EV certificates?
> >
> > Can you point me to the in-progress discussion in the CA/B Forum lists
> > that is proposing to end EV certificates?  From what I can see so far,
> > browser vendors aren't "ending" EV certificates, a couple of them are
> > merely
> > modifying their UIs guided by relevant research into the efficacy (or lack
> > thereof) of the current UI.
> 
> What evidence or research shows that the new location is providing better
> protection for the end users?

I don't think it requires rigorous research to show that 0 >= 0.

- Matt

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to