[cabfpub] [cabfman] Improving the security of EV Certificates

Eddy Nigg (StartCom Ltd.) eddy_nigg at startcom.org
Wed Dec 18 22:27:17 UTC 2013


On 12/18/2013 11:44 PM, From Ryan Sleevi:
> Yes. And it can be VERY risky, VERY hard to get right, and is a VERY 
> costly mistake if you get wrong.

Either I'm very naive or don't understand what you are up to here...I 
can currently pin with my browser all certificates for all sites by 
simply removing all CA roots. Of course I'd prefer an easier way where I 
could pin when I want a certificate to a particular site - I guess I'm 
capable doing that. And it would satisfy my particular needs.


Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131219/e179e3e2/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131219/e179e3e2/attachment-0001.p7s>


More information about the Public mailing list