> On Oct 18, 2019, at 7:55 AM, scott.helme--- via dev-security-policy > <[email protected]> wrote: > > >> I hope the Mozilla community will celebrate this honor, but will also >> reconsider its proposal to drop support for EV certificates – that would >> mean that Firefox no longer meets all BSI requirements for a secure browser. > > Hey Kirk, > > Can you link to where Mozilla (or any other browser vendor) has stated their > intention to drop support for EV certificates? Unless you're confusing the > recent/upcoming UI changes surrounding EV, I've seen no such intention from > the browsers. EV certificates will continue to work just as OV and DV > certificates will.
[PW] I think everyone is right on this one. I have no evidence to prove what I’m about to say, but I *suspect* that the people at BSI specified “EV” over the use of other terms because of the consumer-visible UI associated with EV (I might be wrong). If I’m right, they might get upset with the removal of the UI. Either way, this conversation helps to demonstrate to us, how an important stakeholder is using these terms to make important decisions. It also demonstrates how we are making too many assumptions about such important matters. I think this is a great opportunity from a product perspective, to learn more about BSI’s expectations and assumptions to help all of us, with the work we’re doing on their behalf. I think it’s absolutely critical for Mozilla to reach out to BSI to find out the right answers. But I think other stakeholders should do the same. - Paul > > Kind regards, > > Scott. > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
