On Fri, Aug 16, 2019 at 01:37:40PM +0000, Doug Beattie via dev-security-policy wrote: > DB: Yes, that's true. I was saying that phishing sites don't use EV, not > that EV sites don't get phished > > Surely this shows that EV is not needed to make phishing work, not that EV > reduces phishing? > > [DB] It should show that users are safer when visiting an EV secured site.
When you have evidence of that, please feel free to share it. Everything that has been presented so far doesn't *actually* show that, it merely shows something else that people then furiously hand-wave into "see, security!". - Matt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
