Kyle Hamilton wrote: > Hmmm... actually, it would be possible, but only with the cooperation > of the CAs. > > We currently know the EV policy OIDs for EV-enabled roots. What we > don't know is the policy OIDs assigned for different types of > validation,
...nor do we have, more to the point, a concrete definition of what should qualify as 'OV'. Each CA does things differently. That's why EV was created - to provide a minimum, defined, auditable standard of checking for purchaser identity. Saying "browsers need to differentiate DV from OV" is basically saying "we need to do the entire EV process again, but setting a lower bar". Gerv _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
