I had a realization about EV certs recently: They don't make any sense if you have any third party content. Do people agree with that?
-
-
a crappy mitigation would be to block all persistence for local origins. But if windows stay open during network change...
-
yeah, thought about that, too. Or all routers have to implement subressource integrity
- 4 more replies
New conversation -
-
-
:
@johnwilander has ideas about single-provenance sites. I’m skeptical of the value given the way we build things today. -
Yes, I refer to it as single-trust sites. Users should know which org they interact with for sensitive things.
- 1 more reply
New conversation -
-
-
: I’m also skeptical of the value of an EV cert in general. :)
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.