- security News Forums
- > The right way to handle encryption with ...
- > "Trustworthy" CAs
Dave Howe, Dave Howe
(1 posting since 12 Mar 2009)
"Trustworthy" CAs 12 March 2009 14:02
Always a good idea not to put too much reliance on certificate
authorities having done the job they are paid to.
First point is that EV certificates don't always get the attention
they claim to get (and bear in mind, that it used to be that 128 bit
certificates got the level of attention now claimed for EV). Most
famously, someone managed to get a EV certificate issued to him for
mozilla.com.
Second, just because its a valid certificate, that doesn't mean the
site is what it claims to be. If I register ofamerica.com and get a
certificate for *.ofamerica.com, that doesn't mean that *my*
www.bank.ofamerica.com is where you would want to be typing in your
username and password for online banking...
- Threaded View
- Flat View
