On Thu, Aug 29, 2019 at 2:49 PM Kirk Hall via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> Sure, I’m happy to explain, using Bank of America as an example.


Thanks for providing this example. Could you help me understand how it
helps determine that things are safe? For example, the reputation system
you described, which is more akin to code signing than what is generally
practiced an anti-phishing, seems like if it was implemented, it would
leave users at significant risk from compromise on EV sites. That is, if an
EV-using site was compromised and displayed a phishing form, the fact that
it had "good" reputation would actually be actively harmful to users
security, because it would make it harder to provide timely responsiveness.
That is, it would be a false negative.

In this case, the use of EV certificates, and the presumption of
reputation, would lead to actively worse security.

Did I misunderstand the scenario?
dev-security-policy mailing list

Reply via email to