> There have been no cases of misissuance using Method 1 over roughly 20 years
You guys have been told repeatedly that you have no evidence this statement is true. You need to stop saying it. The truth is it is extremely hard to "misissue" a certificate using method 1, precisely because it is so weak. Some of the certificates issued using method 1 probably went to people they shouldn't have gone to. We have no idea how many, because the CAs used method 1, which doesn't validate much! Symantec issued lots of certificates in full compliance with method 1 that DigiCert would never have issued. Attempting to spin that into a rosy picture of 20 years of wonderfulness is a huge stretch. -Tim
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public