Difference between revisions of "EV Cert"

Revision as of 15:18, 14 October 2018

Full Title or Meme

Extended Validation Certificates for SSL Web Sites with added Assurance as to the real-world identity of the Enterprise hosting the site.

Context

In response to concerns that TLS (HTTPS) encrypted interchanges could not be Validated by regular users, the CA|B forum created an audited from of certificate to satisfy users concerns. It has not lived up to expectations.

Problems

Ian Carroll summarized some of the issues here which includes this comment EV "certificates include information about the legal entity behind the certificate, but not much else. What a legal entity can be turns out to be quite flexible; James Burton, for example, recently obtained an EV certificate for his company "Identity Verified". Unfortunately, users are simply not equipped to deal with the nuances of these entities, and this creates a significant vector for phishing."

Solutions

There appears to be little reason to expect that the CA|B forum will come up with a user-centric solution, so some other forum may be required.

References

https://cabforum.org/extended-validation/

Revision as of 20:11, 9 September 2018 (view source) Tom (talk \| contribs) (→‎Solutions) ← Older edit		Revision as of 15:18, 14 October 2018 (view source) Tom (talk \| contribs) Newer edit →
Line 17:		Line 17:

	[[Category:Glossary]]		[[Category:Glossary]]
−	[[Category:~~Authorization~~]]	+	[[Category:Authentication]]

Difference between revisions of "EV Cert"

Revision as of 15:18, 14 October 2018

Contents

Full Title or Meme

Context

Problems

Solutions

References

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools

Sidebar Links