Eddy Nigg (StartCom Ltd.) wrote:
> But imagine now, that a company received an EV certificate and this very
> company turns out to be a real crook....
We fully expect crooked companies to get EV certs. All we hope is that the
EV process prevents them from getting a cert using a name that is not their
own. EV does not mean "safe".
So tell me, what good does an EV cert do?
The hype is that green means go, that the site has been deemed safe.
If a green bar, or anything else indicating that this site is some how good to
go, users will think its safe.
If EV DOESN'T mean "safe" as the hype says, then there is NO reason for it,
other than lining the CAs pockets. IMHO the whole idea will do more harm than good.
<http://cert.startcom.org/?app=109>
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
