[cabfpub] Proposed motion to modify EV domain verification section

Eddy Nigg (StartCom Ltd.) eddy_nigg at startcom.org
Tue May 7 19:13:12 UTC 2013

On 05/07/2013 07:19 PM, From Rich Smith:
> I think we are waaay over complicating this.  Our role as CAs is two-fold:
> 1) Verify domain ownership/control
> 2) For OV and EV certs, verify the identity of the individual or 
> organization to be named in the certificate Subject details to the 
> degree prescribed by the BR or EV Guidelines respectively.

If that is true, could be please perhaps help me understand what the 
differences between BR OV and EV effectively are? Or in other words, 
what would we have to adjust besides your proposal to make OV and EV 
exactly the same thing?

If your suggestion and proposal will be acceptable to the CABF members 
including the browser vendors, we might want to align BR OV and EV 
further to the point so that OV could be basically relinquished. 
Considering that browser don't make any effort for BR IV/OV anyway, we 
might pursue such an effort.

It might reduce the quality of EV slightly, but with the benefit for 
higher adoption. I was always under the impression that EV means 
EXTENDED validation - and one of the goals is to clearly identify the 
entity to a visitor that he would expect to see at the site/certificate. 
E.g. somebody visiting paypal.com expects to see PayPal, Inc. (US) and 
not SomeISP, LLC (US).

Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130507/5b601cac/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130507/5b601cac/attachment-0001.p7s>

More information about the Public mailing list