To be fair, I was grossly simplifying the argument that it is: a) A crime to mislead a QGIS, QIIS, or QTIS within either the Jurisdiction of Incorporation or the Place of Business (as Ben and Kirk suggested) b) A crime to use cert for 'evil' purposes, as Kirk suggested
There are many other reductions of the arguments being made here that would also apply, but I thought it worth pointing out that the argument that it'd be a crime to commit crime, is somewhat of a flawed tautology, and by no means a way to conclude we'd prevent crime by criminalizing crime. On Tue, Nov 28, 2017 at 1:35 PM, Christian Heutger via Public < [email protected]> wrote: > It also means that a crime favours another crime, and that is exactly how > criminals are caught, because they leave their mark, the more so, the > better, because it makes it easier to get to the bottom of it. If you were > to skip steps now, you would also deprive yourself of opportunities to hunt > down criminals. > > > > *Von: *Public <[email protected]> im Auftrag von Ryan Sleevi > via Public <[email protected]> > *Antworten an: *Ryan Sleevi <[email protected]>, CA/Browser Forum Public > Discussion List <[email protected]> > *Datum: *Dienstag, 28. November 2017 um 19:26 > *An: *Ben Wilson <[email protected]>, CA/Browser Forum Public > Discussion List <[email protected]> > *Betreff: *Re: [cabfpub] Obtaining an EV cert for phishing > > > > Just to square these comments: > > > > Kirk's position was that EV certificates provide a way of tracking those > who'd commit crime online because they have to disclose identity. > > Gerv and James pointed out that the identity information is only as useful > as it is vetted, and there's scenarios where the vetting may not be > rigorous. > > Ben pointed out that it'd be a crime to lie to the government (although, > as a broad statement, this varies by jurisdiction) > > > > By combining these views, it seems like we're in agreement that criminals > who are willing to commit crime may need to commit crime to commit crime. > That doesn't seem like the requirement to commit crime would deter a > criminal from committing crime, but what do I know - I'm not a criminal (I > don't think...) > > > > On Tue, Nov 28, 2017 at 12:50 PM, Ben Wilson via Public < > [email protected]> wrote: > > Gerv wrote: I would say that the EV Guidelines allow EV issuers to trust > things which are QGISes because there's an assumption that information in a > Government information source will have had some level of checking. > > I'd disagree. QGISes are relied upon because everyone relies on them > because lying to the government is a crime. > > > > -----Original Message----- > From: Public [mailto:[email protected]] On Behalf Of Gervase > Markham via Public > Sent: Tuesday, November 28, 2017 10:46 AM > To: Kirk Hall <[email protected]>; James Burton < > [email protected]>; CA/Browser Forum Public Discussion List < > [email protected]> > Subject: Re: [cabfpub] Obtaining an EV cert for phishing > > Hi Kirk, > > On 28/11/17 17:03, Kirk Hall wrote: > > Thanks for the additional information, James. In the end, the EV > > Guidelines did exactly what they were designed to do – they provided a > > way for the public to find you (as the company owner) if you used your > > EV certificate and domain to do something wrong. > > They did, but only because he was honest. He is pointing out that it may > not be difficult, due to the lack of checking, for a dishonest person to > use fake information. I do think that's an issue of concern. > > I would say that the EV Guidelines allow EV issuers to trust things which > are QGISes because there's an assumption that information in a Government > information source will have had some level of checking. But it seems from > this experience that this is not true in all cases. That concerns me. Do we > have to agree that Companies House is not a valid QGIS? > > This is not a phishing issue, it's a more general "integrity of the EV > process" issue. > > Gerv > _______________________________________________ > Public mailing list > [email protected] > https://cabforum.org/mailman/listinfo/public > > > _______________________________________________ > Public mailing list > [email protected] > https://cabforum.org/mailman/listinfo/public > > > > _______________________________________________ > Public mailing list > [email protected] > https://cabforum.org/mailman/listinfo/public > >
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
