I wonder if we could add some type of verification registry. It would be nice if browser's could have a big indicator saying that this website is verified to associated with Dell inc.
Some HTTP certificates do exactly that, and web browsers used to show the company/identity the certificate was issued to in the URL bar. Now you have to go to the certificates detail, very clear on Firefox, behind a few clicks on Chrome. Here's an example from a bank in Spain: https://www.bbva.es
That was EV certificates. They were finally removed from browsers completely around five years ago because they didn’t actually work. At all. The problems were largely social. Plenty has been written about it, you can find it by searching.
Well, the original HTTPS certificates too were supposed to work like that; I remember reading a security article criticizing the EV proposal by quoting the old (circa 1998?) policy statements of different CA's and showing that they're pretty much identical to the EV requirements.
marionauta|1 year ago
varenc|1 year ago
drew-y|1 year ago
chrismorgan|1 year ago
Joker_vD|1 year ago