Summary: mozilla.dev.security - October 28, 2006 to November 3, 2006
Return to mozilla-dev-security
Announcements
None during this week.
Discussions
Extended Validation Certificates
Major discussion this week started by Gervase Markham about security certificates, more specifically Extended Validation Certificates.
The aim of the group is to develop a new, higher standard for the validation which is done before certificate issuance, called Extended Validation. The idea was that such certs would be presented differently in the UI, to give the CAs a reason to go to the extra effort, and to give customers a reason to buy them. In IE 7 at least, the use of an EV certificate is tied to the green background in the URL bar.
A decision has to be made as to the usefulness of Extended Validation Certificates and weather or not they will make a difference to the reliability of information in certificates. If it does make a difference, does it warrant a different UI presentation for these certificates (IE the green bar).
He would like to have some comments before November 19th, after which there will possibly be a vote. All questions about the CABF are welcome.
More information about CA can be found at http://www.cabforum.org/
Meetings
None during this week.