1. EV is pointless and the vast majority of security people agree.
-
-
2. EV is the main cash cow and business model of CAs these days.
2 replies 3 retweets 20 likesShow this thread -
3. take that together and you come to the inevitable conclusion there is no credible business model for CAs, their whole business depends on telling users that they need something which they don't need.
2 replies 8 retweets 30 likesShow this thread -
I think browser people know this but are reluctant to tell the whole CA industry that it will inevitably have to go out of business.
6 replies 6 retweets 29 likesShow this thread -
Replying to @hanno
Proving once again that the browser people inexplicably want the browser to be the agent of everyone but the person it's nominally an agent for: the user.
1 reply 0 retweets 0 likes -
-
Browsers are constantly adding features to act as Publisher-Agent, Advertiser-Agent, CA-Agent, etc. and treating being User-Agent as an afterthought...
2 replies 0 retweets 1 like -
Replying to @RichFelker @hanno
If you know of anyone who fights harder for the user with the CAs than "the browser people", please enlighten me, because that must be a sight to behold.
1 reply 0 retweets 2 likes -
Is anyone else in a position to? Arguably Let's Encrypt's sponsors do by funding the project that will eventually bring down the CA industry, but aside from that browsers are the main party with any influence.
2 replies 0 retweets 0 likes -
I agree they've done some good things and are improving, but it's a constant battle getting them to do the right thing in these areas (not just CA, thinking more about Publisher/Advertiser-Agent) especially when one of the big browsers is owned by an Ad giant.
2 replies 0 retweets 0 likes
I'm lost, what has advertising got to do with EV certificates or the CA ecosystem?
-
-
They're all places where the interests of some third party that don't match (and usually conflict with) the interests of the user are still being preserved more strongly than the interests of the user.
1 reply 0 retweets 0 likes -
Replying to @RichFelker @hanno
Your claim was that because browser vendors haven't reached the same conclusion as
@hanno (That commercial CAs are going to die), this proves they aren't an agent for the user. I think you've moved the goalposts here, no?1 reply 0 retweets 0 likes - 15 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.