Re: clarifications needed re safe form editor cert matching algorithm

Given that the attestation for a non-EV cert is control over the domain,
this still applies to subdomains.  So I'm not sure why all low-grade
certs shouldn't use wildcards (other than more profit for CAs).  Why
shouldn't we just treat them this way with regard to which warnings we show?

Granted, I agree with you guys about the theoretical problems.  The
issue is weighing these against being pragmatic.  We will not be able to
create effective warnings if we only consider "perfect" situations.  We
need to consider what is actually happening.


Thomas Roessler wrote:
> On 2007-10-12 10:30:50 -0700, Ian Fette wrote:
>> LOL... all I'm saying is this. For the case of www vs bare
>> hostname, I can see this being common enough to warrant
>> investigation. For the other cases, I see a lot of risk in terms
>> of opening up new attack vectors, changing defaults, breaking
>> standards etc, but I'm not sure I really see the benefit.
> Considering that the "real" fix for the problem is a wildcard cert,
> I'm leaning toward agreeing with you on this one, my prior remark
> notwithstanding.

Serge Egelman

PhD Candidate
Vice President for External Affairs, Graduate Student Assembly
Carnegie Mellon University

Legislative Concerns Chair
National Association of Graduate-Professional Students

Received on Friday, 12 October 2007 18:33:44 UTC