Eddy Nigg (StartCom Ltd.) wrote: > Yes, this is a good argument in favor of EV and EV is exactly intended > for that. Just a pity the rest of the public PKI is left broken, no > matter what the reasons are (by design, lack of interest, commercial > interests, etc), because there is more to protect than Paypal, Ebay and > few banks. EV however might be an overkill for others.
Ah, but isn't EV really returning the public PKI to the ideal of what CAs are supposed to be doing in theory, namely binding a (strongly) verified identity to a public key? So in theory any site supporting high-value transactions (financial or otherwise) should migrate to EV certs. This certainly should include major sites like Bank of America, E*Trade, etc., Amazon, etc., as well as any ecommerce site for which the annual EV cert fee is a small fraction of overall operating expenses. Frank -- Frank Hecker [EMAIL PROTECTED] _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
