[Dnssec-deployment] Root Zone DNSSEC Deployment Technical Status Update
Marco d'Itri
md at Linux.IT
Mon Jul 19 09:41:17 EDT 2010
On Jul 19, Florian Weimer <fweimer at bfk.de> wrote:
> EV certs are just about the color. At the technical level, they are
> equivalent because browsers have no concept of an EV-only session.,
> and EV and non-EV HTTPS are considered of the same origin.
Also, CAs started lowering the standards for EV certificates as well,
how accurately can anybody verify a request for 99$?
I see no reason why other CAs will not lower their prices and standard
as well like it happened for "normal" certificates.
I am deeply suspicious of philosophical arguments about the intrinsic
meaning of a certificate while they actually offer equal or worse
security than DNSSEC-validated self-signed certificates.
--
ciao,
Marco
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url : http://dnssec-deployment.org/pipermail/dnssec-deployment/attachments/20100719/34388d4f/attachment.bin
More information about the Dnssec-deployment
mailing list