Kyle Hamilton: >> Indeed everything not coming from the same web site which is otherwise >> EV should be blocked. It's something like "mixed content"... >> > > So, you're stating that you propose that anyone using EV is suddenly > required (due to the Subject restriction) to move ALL aspects of the > website in-house, and are either barred from using third-party > services that are better than any code they can come up with or are > required to obtain EV certificates with their own Subject for > individual instances of every third-party service that they use?
Yes, why not? Having multiple sub domains or even different domains within the same (EV) certificate isn't an issue, but when visiting an EV site, I'd expect to stay on the EV site. EV is meant to be for high-profile sites which have a well known brands...just read the EV guidelines. I really expect Paypal not to use Google Analytics (no matter how good those are). > > Sure. How much does it cost per-EV certificate? Huuu? Nobody ever worried about the costs (besides me), why of a sudden should that matter now? > And, don't any of > the EV guidelines state that the private key associated with the > certificate must always be in the hands of the organization named in > the Subject? Did I propose something different? > > And, out of curiosity, does StartCom have an EV root? > Soon to come :-) -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto