Summary: mozilla.dev.security - October 28, 2006 to November 3, 2006

Return to mozilla-dev-security


None during this week.


Extended Validation Certificates

Major discussion this week started by Gervase Markham about security certificates, more specifically Extended Validation Certificates.

The aim of the group is to develop a new, higher standard for the validation which is done before certificate issuance, called Extended Validation. The idea was that such certs would be presented differently in the UI, to give the CAs a reason to go to the extra effort, and to give customers a reason to buy them. In IE 7 at least, the use of an EV certificate is tied to the green background in the URL bar.

A decision has to be made as to the usefulness of Extended Validation Certificates and weather or not they will make a difference to the reliability of information in certificates. If it does make a difference, does it warrant a different UI presentation for these certificates (IE the green bar).

He would like to have some comments before November 19th, after which there will possibly be a vote. All questions about the CABF are welcome.

More information about CA can be found at http://www.cabforum.org/


None during this week.