[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

Subject: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
From: morrowc.lists at gmail.com (Christopher Morrow)
Date: Sun, 11 Sep 2011 23:28:03 -0400
In-reply-to: <[email protected]>
References: <CAAAas8Fua4EbjwKs_wkrcyr1Y6TqXQYNOAC5VGANKmh3hNSfUA@mail.gmail.com> <CAL9jLaZC=UCAmMSKGSZcNcD+ijODKCR8n3Lks-Ydjy6rDq-fvg@mail.gmail.com> <CAAAwwbVcRq8q8C6y4zYZkovmL6HwB1O6Fif0KtKC_355SdsnmQ@mail.gmail.com> <CAL9jLaYYp9CK4kjdUZwae4PTGmQXEzm9UQp2oL9hkNFUMJotKg@mail.gmail.com> <[email protected]>

On Sun, Sep 11, 2011 at 11:06 PM, Hughes, Scott GRE-MG
<SHughes at grenergy.com> wrote:
> Companies that wrap their services with generic domain names (paymybills.com and the like) have no one to blame but themselves when they are targeted by scammers and phishing schemes. Even EV certificates don't help when consumers are blinded by subsidiary companies and sister companies daily (Motorola Mobility a.k.a. Google vs. Motorola Solutions.)

So, part of my point here about ev/dv/etc certs is that in almost all
cases of consumer fraud and protection, HTTPS is never used. Hell,
half the spams I get are
http://IP_ADDRESS/somethign/something/something.php ... Falling back
on the 'well ev certs are there to provide protection to the consumer'
is just FUD (I think).

again, not seeing a benefit here...

-chris

Follow-Ups:
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: william.allen.simpson at gmail.com (William Allen Simpson)

References:
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: mike at mikejones.in (Mike Jones)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: morrowc.lists at gmail.com (Christopher Morrow)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: mysidia at gmail.com (Jimmy Hess)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: morrowc.lists at gmail.com (Christopher Morrow)
- Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
  - From: SHughes at GREnergy.com (Hughes, Scott GRE-MG)

Prev by Date: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
Next by Date: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
Previous by thread: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
Next by thread: Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)
Index(es):
- Date
- Thread