nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

From: William Allen Simpson <william.allen.simpson () gmail com>
Date: Sun, 11 Sep 2011 23:51:17 -0400
On 9/11/11 11:28 PM, Christopher Morrow wrote:

On Sun, Sep 11, 2011 at 11:06 PM, Hughes, Scott GRE-MG
<SHughes () grenergy com>  wrote:

Companies that wrap their services with generic domain names (paymybills.com and the like) have no one to blame but 
themselves when they are targeted by scammers and phishing schemes. Even EV certificates don't help when consumers are 
blinded by subsidiary companies and sister companies daily (Motorola Mobility a.k.a. Google vs. Motorola Solutions.)


So, part of my point here about ev/dv/etc certs is that in almost all
cases of consumer fraud and protection, HTTPS is never used. Hell,
half the spams I get are
http://IP_ADDRESS/somethign/something/something.php ... Falling back
on the 'well ev certs are there to provide protection to the consumer'
is just FUD (I think).

again, not seeing a benefit here...


Normally, I heart my Mac.  But Apple in its infinite wisdom decided that
EV certificates are so much better, they refused to honor my edit of my
own system keychain!

So, negative benefit for the consumer.
Previous By Date Next
Previous By Thread Next

Current thread: