[cabfpub] [cabfman] Improving the security of EV Certificates

Hill, Brad bhill at paypal.com
Wed Dec 18 22:46:09 UTC 2013

I guess nobody knows what you’re talking about, then.

If you mean that every individual end-user ought to manually associate certificates to website addresses in their browser(s) then naïve is not a strong enough word.

From: Eddy Nigg (StartCom Ltd.) [mailto:eddy_nigg at startcom.org]
Sent: Wednesday, December 18, 2013 2:39 PM
To: Hill, Brad
Cc: Ryan Sleevi; public at cabforum.org
Subject: Re: [cabfpub] [cabfman] Improving the security of EV Certificates

On 12/19/2013 12:33 AM, From Hill, Brad:

Either I'm very naive or don't understand what you are up to here...

[Hill, Brad] I think that’s why Ryan suggested you review at least the current draft of the pinning spec at the IETF.


What I'm talking about doesn't need a spec and we aren't talking about the same thing as I suspected.

Of course one can make everything unnecessarily complicated...it's like inventing a machine that scratches my back requiring a machinery of two rooms when I could simply take my pencil to do the same.



Eddy Nigg, COO/CTO

StartCom Ltd.<http://www.startcom.org>


startcom at startcom.org<xmpp:startcom at startcom.org>


Join the Revolution!<http://blog.startcom.org>


Follow Me<http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131218/be2e1df8/attachment-0003.html>

More information about the Public mailing list