[cabfpub] Limitation of Liability and Indemnification
Gervase Markham
gerv at mozilla.org
Tue Oct 24 08:54:45 UTC 2017
On 23/10/17 16:26, Ryan Sleevi wrote:
> No, I mean both with respect to the misissuance of EV (I can think of
> several CAs that have done so)
You are right; my language was loose. What I meant to say was, we have
no confirmed cases of misissuance via a successful attack on the EV
validation system (i.e. person A trying and succeeding to get an EV cert
for a site they do not own or control, and managing to have it filled
with fake rather than real information so they cannot be held to account).
Gerv
More information about the Public
mailing list