On 2019-09-04 14:14, Matt Palmer wrote:
If EV information is of use in anti-phishing efforts, then it would be best for the providers of anti-phishing services to team up with CAs to describe the advantages of continuing to provide an EV certificate. If site owners, who are presumably smart people with significant technical skills making decisions on a rational basis, don't see the benefits (after a little training), perhaps you should accept their decision, even if you disagree with them or have a different commercial interest.
So I think what you're saying is that sites with EV will still be more trusted, but the browser isn't really aware of it.
Kurt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy