[cabfpub] [cabfman] Improving the security of EV Certificates

Hill, Brad bhill at paypal.com
Wed Dec 18 15:46:09 MST 2013


I guess nobody knows what you’re talking about, then.

If you mean that every individual end-user ought to manually associate certificates to website addresses in their browser(s) then naïve is not a strong enough word.

From: Eddy Nigg (StartCom Ltd.) [mailto:eddy_nigg at startcom.org]
Sent: Wednesday, December 18, 2013 2:39 PM
To: Hill, Brad
Cc: Ryan Sleevi; public at cabforum.org
Subject: Re: [cabfpub] [cabfman] Improving the security of EV Certificates


On 12/19/2013 12:33 AM, From Hill, Brad:

Either I'm very naive or don't understand what you are up to here...


[Hill, Brad] I think that’s why Ryan suggested you review at least the current draft of the pinning spec at the IETF.

http://tools.ietf.org/html/draft-ietf-websec-key-pinning-09

What I'm talking about doesn't need a spec and we aren't talking about the same thing as I suspected.

Of course one can make everything unnecessarily complicated...it's like inventing a machine that scratches my back requiring a machinery of two rooms when I could simply take my pencil to do the same.

Regards



Signer:

Eddy Nigg, COO/CTO



StartCom Ltd.<http://www.startcom.org>

XMPP:

startcom at startcom.org<xmpp:startcom at startcom.org>

Blog:

Join the Revolution!<http://blog.startcom.org>

Twitter:

Follow Me<http://twitter.com/eddy_nigg>




-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20131218/be2e1df8/attachment.html 


More information about the Public mailing list