[cabfpub] Breach Insurance

Gervase Markham gerv at mozilla.org
Mon Dec 22 16:46:03 UTC 2014

On 22/12/14 16:34, Stephen Davidson wrote:
> An observation that may or may not sway your opinion:  the goal of EV
> was to create uniform requirements across CAs, and this proposal will
> introduce variation. As I understand it, the "qualified SSL" under
> eIDAS are likely to be based on EV.  Thus, a "qualified EV" would
> have an insurance level that "normal EV" may not have.

If other people want to build standards on EV, we aren't going to stop
them. But if they add additional requirements, we can't let that force
us to add those requirements also - because otherwise, everyone else
would be making the CAB Forum's decisions for us.


More information about the Public mailing list