[cabfpub] Proposed motion to modify EV domain verification section
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Tue May 7 19:13:12 UTC 2013
On 05/07/2013 07:19 PM, From Rich Smith:
>
> I think we are waaay over complicating this. Our role as CAs is two-fold:
>
> 1) Verify domain ownership/control
>
> 2) For OV and EV certs, verify the identity of the individual or
> organization to be named in the certificate Subject details to the
> degree prescribed by the BR or EV Guidelines respectively.
>
If that is true, could be please perhaps help me understand what the
differences between BR OV and EV effectively are? Or in other words,
what would we have to adjust besides your proposal to make OV and EV
exactly the same thing?
If your suggestion and proposal will be acceptable to the CABF members
including the browser vendors, we might want to align BR OV and EV
further to the point so that OV could be basically relinquished.
Considering that browser don't make any effort for BR IV/OV anyway, we
might pursue such an effort.
It might reduce the quality of EV slightly, but with the benefit for
higher adoption. I was always under the impression that EV means
EXTENDED validation - and one of the goals is to clearly identify the
entity to a visitor that he would expect to see at the site/certificate.
E.g. somebody visiting paypal.com expects to see PayPal, Inc. (US) and
not SomeISP, LLC (US).
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130507/5b601cac/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130507/5b601cac/attachment-0001.p7s>
More information about the Public
mailing list