[cabfpub] Breach Insurance

Stephen Davidson S.Davidson at quovadisglobal.com
Mon Dec 22 16:34:26 UTC 2014


An observation that may or may not sway your opinion:  the goal of EV was to create uniform requirements across CAs, and this proposal will introduce variation.  
As I understand it, the "qualified SSL" under eIDAS are likely to be based on EV.  Thus, a "qualified EV" would have an insurance level that "normal EV" may not have.

Best, Stephen


-----Original Message-----
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Monday, December 22, 2014 12:09 PM
To: Gervase Markham; i-barreira at izenpe.net; Dean_Coclin at symantec.com; public at cabforum.org
Subject: Re: [cabfpub] Breach Insurance

Understood.  I just need to talk with Iñigo and any other European CAs to understand better about their concerns.

-----Original Message-----
From: Gervase Markham [mailto:gerv at mozilla.org] 
Sent: Monday, December 22, 2014 8:37 AM
To: Ben Wilson; i-barreira at izenpe.net; Dean_Coclin at symantec.com; public at cabforum.org
Subject: Re: [cabfpub] Breach Insurance

On 22/12/14 15:24, Ben Wilson wrote:
> My proposal is all about making more information publicly available.

Right. That wasn't a dig at your proposal. I don't think a disclosure requirement is particularly onerous (open to arguments...), so I'm OK with that.

Gerv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5494 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141222/d2c80192/attachment-0001.p7s>


More information about the Public mailing list