Eddy Nigg (StartCom Ltd.) wrote:
> For example like this? http://www.startcom.org/img/verisign-ocsp.png
compared to http://www.startcom.org/img/startssl-ocsp.png :-D (Screen
shots from the 9th of February 2007). BTW, Opera doesn't know what to do
with CRLs....we are certainly living in interesting times...
OCSP failure for EV is a hard fail; that is, it's reasonable to (at
minimum) present a cert as not being EV if you can't reach the OCSP
responder.
/**Browsers** also should say "no." Or, should say, "sure, as long as it
is an open market in governance." There is this underlying premise that
the cartel known as the CA/Browser forum is //the only one. No such.
There is no reason why I can't form a cartel made of, say, European
national CAs or open source software CAs or Internet Bank CAs or ... and
simply request the colors purple, peach and turquoise./
Absolutely! Any new standard which comes along by any interest group
should be accepted by the browsers vendors...sounds reasonable, doesn't
it!?
No. Each one would be evaluated on its merits, and inevitably the
question would be asked "why a new standard instead of using the old one".
Also, browsers may choose to give the two standards the same UI
treatment, if they judge them equivalent.
Gerv
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
