Robert Sayre wrote:
I believe it presents a higher barrier. Since there is no technical advantage to EV, I am not sure that will matter, once ways of manipulating the EV system are discovered by criminals (does anyone think they won't figure something out?). I don't think Mozilla should jump in right away. This is unpleasant, because it would then appear that IE has a "feature" we lack. So, I understand the desire to go ahead.
I agree that it's possible that a loophole may be found; however, we have mechanisms in place to update the standard when and if it is. (I can't envisage a scenario where fraudsters are regularly getting hold of EV certs and no-one notices; by the very nature of fraud, someone will notice.) So I don't think the possibility of future problems should prevent us from going ahead; after all, someone could break SSL tomorrow, but we still use it for now.
I am not suggesting the implementation of EV to keep feature parity with IE, I am suggesting it because I think that it provides what SSL should have provided all along, and that something is something we want.
We will probably arrive at this state if we are at all serious. We need to have a clear definition of "obvious disregard" and the consequences, so the event doesn't become a negotiation.
Well, it's never a negotiation, because we have unilateral power :-) If you look at the current CA policy, you will see the words:
"We reserve the right to ... discontinue including a particular CA certificate in our products, or to modify the "trust bits" for a particular CA certificate included in our products, at any time and for any reason."
It then goes on to give examples, but is careful to state that we are not limited by them.
http://www.mozilla.org/projects/security/pki/nss/ca-certificates/policy.html Gerv _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
