[cabfpub] [cabfman] Improving the security of EV Certificates
bhill at paypal.com
Wed Dec 18 22:46:09 UTC 2013
I guess nobody knows what you’re talking about, then.
If you mean that every individual end-user ought to manually associate certificates to website addresses in their browser(s) then naïve is not a strong enough word.
From: Eddy Nigg (StartCom Ltd.) [mailto:eddy_nigg at startcom.org]
Sent: Wednesday, December 18, 2013 2:39 PM
To: Hill, Brad
Cc: Ryan Sleevi; public at cabforum.org
Subject: Re: [cabfpub] [cabfman] Improving the security of EV Certificates
On 12/19/2013 12:33 AM, From Hill, Brad:
Either I'm very naive or don't understand what you are up to here...
[Hill, Brad] I think that’s why Ryan suggested you review at least the current draft of the pinning spec at the IETF.
What I'm talking about doesn't need a spec and we aren't talking about the same thing as I suspected.
Of course one can make everything unnecessarily complicated...it's like inventing a machine that scratches my back requiring a machinery of two rooms when I could simply take my pencil to do the same.
Eddy Nigg, COO/CTO
startcom at startcom.org<xmpp:startcom at startcom.org>
Join the Revolution!<http://blog.startcom.org>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public