Alaric Dailey wrote: > Remember there are least 2 Free CAs listening and contributing on this > list, that means monetary barriers (assuming a steep price from > Verisign) won't be an issue for phishers.
Since phishing exists happily with no SSL, why would they start using SSL all of a sudden now that EV's are being discussed? This will do very little for security for anyone as it fails to address the real problems and tries to attack a niche situation that isn't under attack... I'm a little confused here, can someone please explain to me how this is supposed to help the vast majority of users? -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa is a tax on VoIP "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
