Re: Question on necessity of SSL_CTX_set_client_CA_list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On Dec 6, 2018, at 5:56 PM, Jakob Bohm via openssl-users <openssl-users@xxxxxxxxxxx> wrote:
> 
>> While the point of EV was that it certified a binding to a (domain + business name)
>> rather than just a domain with DV, it turned out that displaying the business name
>> was also subject to abuse, and the security gain proved elusive.
>> 
>>   https://www.troyhunt.com/extended-validation-certificates-are-dead/
> 
> A traveling salesman for a cloud provider.

That's an ad-hominem argument.  Just because he may have an agenda,
does not mean he's wrong.  One might wish he were wrong, but perhaps
the market has spoken otherwise.  Or perhaps he really is wrong, we'll
see...

-- 
	Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux