Security:EV: Difference between revisions

Jump to navigation Jump to search

Security:EV (view source)

Revision as of 00:52, 13 February 2007

213 bytes added ,  13 February 2007
→‎Contra
Line 18: Line 18:
* The CA/Browser forum is mainly an interest group of commercial certification authorities.
* The CA/Browser forum is mainly an interest group of commercial certification authorities.
* The EV guidelines can be diluted and changed over time, making them less effective.
* The EV guidelines can be diluted and changed over time, making them less effective.
* Audit procedures of the CAs can currently only be performed by four audit firms  authorized by [http://www.webtrust.org Webtrust], no real alternatives exist.
* Audit procedures of the CAs can currently only be performed by four audit firms  authorized by [http://www.webtrust.org Webtrust], no real alternatives exist as in the [http://www.mozilla.org/projects/security/certs/policy/ Mozilla CA policy] (Section 8 - 10).
* EV suggested to be ineffective against phishing ([http://www.usablesecurity.org/papers/jackson.pdf Source]).


== Proposals and Suggestions ==
== Proposals and Suggestions ==
Eddyn
82

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/48954"

Navigation menu