On Wed, Sep 04, 2019 at 03:50:40PM +0200, Kurt Roeckx via dev-security-policy wrote: > On 2019-09-04 14:14, Matt Palmer wrote: > > If EV information is of use in anti-phishing efforts, then it would be best > > for the providers of anti-phishing services to team up with CAs to describe > > the advantages of continuing to provide an EV certificate. If site owners, > > who are presumably smart people with significant technical skills making > > decisions on a rational basis, don't see the benefits (after a little > > training), perhaps you should accept their decision, even if you disagree > > with them or have a different commercial interest. > > So I think what you're saying is that sites with EV will still be more > trusted, but the browser isn't really aware of it.
I trust the security of sites that I manage more than I trust rando sites on the Internet, but the browser isn't really aware of it either. Did you have a useful point to make? - Matt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
