Michael Lefevre wrote:
If EV contributes nothing to a measure of "trustworthiness", then what is
the point of it?
It keeps people honest.
That's not a contradiction.
Say I'm an old and mostly-blind professor. I meet you for the very first
time, take you into my house, and leave you in my front room next to an
open suitcase containing $50,000. I then go and have a nap.
Now, imagine the same scenario where, before I go for my nap, my
eagle-eyed assistant photographs you from all angles in high detail,
takes your fingerprints and a DNA sample, and copies down your passport
number.
In which scenario are you more likely to act dishonestly and run off
with the suitcase?
Your trustworthiness hasn't changed - nothing has changed about you.
No-one has attempted to measure your trustworthiness. But in the second
scenario, you are more likely to behave in an honest manner, because the
consequences are different.
EV is like the second scenario. The more we know about the applicant,
the more likely it is that they will behave honestly - or rather,
applicants with dishonest intent won't apply.
Gerv
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
