EV certificates are dead

That's it, I said it: extended validation certificates are dead. Of course, you can still buy them (and some companies will gladly sell them to you!), but their benefit has now gone from "barely any" to "nonexistent". The change is due to a number of factors, including the increasing popularity of mobile devices and the removal of the visual EV indicator from browsers and from iOS (and also from macOS Mojave):

For illustration I chose the Comodo website, because they showed such desperation to sell EV when, just a month ago, they sent me a sales email with the heading "How to get the green address bar for your website". In the email, they begin to tell an "alternative" version of the truth:

Indeed, this is what Firefox looks like today, but the advertising email completely fails to mention that this is a purely arbitrary visual indicator left to the discretion of browser developers. Apple has obviously already killed it, but even for many people on Chrome the Comodo website actually looks very different (a Chrome experiment):

The email describes how EV fights phishing and states the following:

"Displaying a verified company name allows you to quickly identify the legal entity behind the website, which makes phishing and deception difficult."

In other words, if we see the name of the company, this leads to a higher level of trust; invert the statement, and if we do not see the name of the company, this leads to a decrease in trust, doesn't it? The problem is that people simply do not expect to see the name of the company, and there is a very simple, effective demonstration of why this is so:

Ten largest sites in the world: there is no EV anywhere.

Comodo goes on to argue for the effectiveness of EV, citing a "recent study":

"A recent DevOps.com study found that customers are 50% more likely to trust and buy on sites with a green address bar."

They refer to a long page on ComodoStore, and although it is not explicitly stated anywhere, the wording implies that the research was somehow independent and impartial: "Devops.com did a survey" and other similar phrases. I commented on this back in July, but this screenshot says everything you need to know about the motives of the "survey":

I honestly tried to find out who commissioned this work, first writing to the author, Tony Bradley, and, not receiving a reply, then asking on Twitter @TechSpective, where he is the chief editor, and @devopsdotcom (my followers, by the way), which published the survey:

"Still trying to get an answer on this, can @RealTonyBradley, @TechSpective or @devopsdotcom kindly clarify? The motives behind this study are ... Does anyone have a contact clarity? https://t.co/Ylw9Jird1g"
- Troy Hunt (@troyhunt) August 2? 201

In the end, Tony Bradley confirmed the completely obvious. He apologized for the late reply, explaining that he rarely checks Twitter, and named the customer: Comodo CA.

"Hey. My apologies for taking so long to respond. I post a lot, but rarely look at mentions or replies on Twitter. Report was commissioned by Comodo CA."
- Tony Bradley (@RealTonyBradley) August 2? 201

I would like to have seen this disclosed in the report itself, because Comodo's involvement clearly introduces bias. It is as if an oil company commissioned a report concluding that fossil fuels do not harm the environment, or a tobacco company declared that smoking does not harm health. If you still think that DevOps.com really believes in the "benefit" of EV certificates, take a look at their own:

This resource is mentioned repeatedly in the Comodo advertising email, but let's move on. They further declare that you can "activate the green address bar" simply by purchasing an EV certificate:

"To activate the green address bar on your website, you just need to purchase and install the SSL Extended Validation (EV) certificate."

Just not in the world's most popular browser for iOS:

And not in Chrome for Android, the most popular OS in the world:

Let's take a look at Microsoft Edge on iOS, and again the result is predictable:

These are very, very important screenshots, and they reduce the value of EV for two key reasons. First, almost 2/3 of all page views in the world already come from mobile devices. That is, the screenshots above show the predominant view that a site owner should be thinking about. Second, as a result, companies cannot tell their customers to expect EV, because most of them will never see it. Despite this, Comodo suggests that EV has the benefit of a "longer green security line":

"The big green security bar is a very clear signal to the user that the site is safe."

Do you know what is exactly such a signal? The green icon next to the URL in Chrome on the desktop! And if you read that and think "Wait, Chrome no longer does that", then you are absolutely right. The icon no longer stands out and the word "Secure" is gone:

The change in Chrome 69 on September 4 affected not only DV sites but also sites with EV:

The point I am trying to emphasize here is that visual indicators are entirely at the discretion of browser developers and change over time. Thus, the phrase "How to get the green address bar on your site" is now even more incorrect than when it was written! In fact, the only more or less accurate representation of EV in this email is the acknowledgement that you cannot get an EV wildcard certificate. But wait! There is an easily accessible solution, just a little more expensive: it is called a multi-domain certificate. The default option for Comodo's Enterprise SSL Pro with EV Multi-Domain will really save you $ ??? *:

* Note: you need to spend $ ???? to get these savings

To be clear, this is not a four-year certificate. As the text below shows, the CA/B Forum rules limit the maximum validity of a certificate to two years, after which you need to manually repeat the verification and issuance process. But damn, that will not allow us to sell certificates for 4 years!

And what if you do not renew the certificate? Well, you get this:

You might think, "Well, that's kind of obvious, and it is the same with DV", but there are nuances. First, neglected certificate renewals occur with alarming regularity, and it happens to the big players. For example, Microsoft forgot to renew secure.microsoft.co.uk in 200?. Too long ago? They did not renew the certificate for the Azure domain in 2013. And of course, such problems are not unique to Microsoft: HSBC forgot to renew a certificate in 2008, Instagram had the same problem three years ago, and LinkedIn had it last year. There are many, many other examples, and they all make the same truism clear: if there is an important and repetitive task, automate it!

Which brings me to the second point: certificate renewal should be automated, and this is something you simply cannot do if identity verification is required. With a DV certificate, automation is simple; it is the cornerstone of Let's Encrypt and a really important attribute of that service. Recently, I spent some time with the development team at a large European bank, and they were seriously thinking about abandoning EV for just that reason. In fact, not only for that reason: there was also the risk that they would need to get a new certificate very quickly (for example, because of a key compromise), which is much more difficult for EV than for DV. In addition, long-lived certificates actually create additional risk because of the broken revocation procedure, so fast iterations (for example, Let's Encrypt certificates last 3 months) become an advantage. Certificates valid for two years are not an advantage, except in terms of making money on them.

(Paradoxically, the LinkedIn story linked above is hosted on TheSSLStore.com, which is a reseller of certificates. They understand the risks, but instead of offering automation as part of a certificate renewal solution, they offer solutions that "scale to enterprise level" from certification authorities such as Comodo, which, of course, pushes EV. There is no mention of Let's Encrypt, which the same site has loudly criticized for issuing certificates to phishing sites!)

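One way to automate the expiry check that the incidents above lacked, as an added example rather than code from the original article: it reads the validity dates from a certificate in the dict shape Python's `ssl.getpeercert()` returns and flags renewal once less than a third of the lifetime remains. The one-third threshold, the host names and the sample certificates are assumptions constructed for illustration.

```python
import socket
import ssl
from datetime import datetime, timezone

DAY = 86400  # seconds


def fetch_cert(host, port=443, timeout=5.0):
    """Return the validated leaf certificate as the dict getpeercert() yields.

    Not called below; it shows where live input would come from. A certificate
    that has already expired fails the handshake here, which is itself the alert.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


def renewal_status(cert, now, renew_fraction=1 / 3):
    """Return (status, days_left) with status 'expired', 'renew' or 'ok'.

    `now` must be timezone-aware. Renewal falls due once less than
    `renew_fraction` of the validity period remains (an assumed policy), so the
    window scales with the lifetime instead of being a fixed number of days.
    """
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    remaining = not_after - now.timestamp()
    days_left = int(remaining // DAY)
    if remaining <= 0:
        return "expired", days_left
    if remaining < (not_after - not_before) * renew_fraction:
        return "renew", days_left
    return "ok", days_left


def triage(certs, now):
    """Turn {name: cert} into a work list, most urgent first."""
    order = {"expired": 0, "renew": 1, "ok": 2}
    rows = [(name, *renewal_status(cert, now)) for name, cert in certs.items()]
    return sorted(rows, key=lambda row: (order[row[1]], row[2]))


# Constructed sample data (not real certificates).
SAMPLE_NOW = datetime(2018, 10, 4, tzinfo=timezone.utc)
SAMPLE_CERTS = {
    # 90-day certificate, 57 days left: more than a third of its lifetime
    "shop.example": {"notBefore": "Sep  1 00:00:00 2018 GMT",
                     "notAfter": "Nov 30 00:00:00 2018 GMT"},
    # two-year certificate, 11 days left: deep inside the renewal window
    "bank.example": {"notBefore": "Oct 15 00:00:00 2016 GMT",
                     "notAfter": "Oct 15 00:00:00 2018 GMT"},
    # one-year certificate that lapsed three days ago
    "old.example": {"notBefore": "Oct  1 00:00:00 2017 GMT",
                    "notAfter": "Oct  1 00:00:00 2018 GMT"},
}

if __name__ == "__main__":
    for name, status, days in triage(SAMPLE_CERTS, SAMPLE_NOW):
        print(f"{name:14} {status:8} {days:4d} days")
```
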
Lack of wildcard support is one of the main technical reasons why EV should be avoided (the other reasons are basically just common sense), and filling in the subjectAltName field can hardly be called a sufficient alternative. For example, we have a wildcard certificate on our Report URI website, so you can send reports to https://[my company name].report-uri.com, and we have hundreds of such subdomains. Comodo is happy to support this scale:

Apart from the fact that Scott Helme and I do not really have $ 808 thousand, this is also far from a real wildcard certificate, because you have to specify all the host names at the time of issuance instead of handling them dynamically.

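The difference between a true wildcard and a multi-domain certificate that lists every host in subjectAltName, as an added example that is not from the original article. It applies the RFC 6125 rule that a wildcard stands in for exactly one left-most label; the example.com host names are constructed, and `reissues_needed` is a hypothetical helper.

```python
def name_matches(pattern, hostname):
    """Return True if a certificate dNSName `pattern` covers `hostname`.

    A wildcard is honoured only as the entire left-most label and stands in
    for exactly one label, so *.example.com covers a.example.com but neither
    example.com nor a.b.example.com.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h or "*" in hostname:
        return False
    if p[0] == "*":
        rest = p[1:]
        # Require two fixed labels so that "*.com" never matches anything.
        return (len(rest) >= 2
                and not any("*" in label for label in rest)
                and rest == h[1:])
    # Partial wildcards such as "a*.example.com" are rejected outright.
    return "*" not in pattern and p == h


def uncovered(san_names, hostnames):
    """Hostnames that no dNSName entry of the certificate covers."""
    return [host for host in hostnames
            if not any(name_matches(p, host) for p in san_names)]


def reissues_needed(san_names, onboarding_order):
    """Count re-issuances as new hostnames appear over time.

    Every hostname the current certificate does not cover forces a new
    certificate that lists it explicitly.
    """
    names = list(san_names)
    reissues = 0
    for host in onboarding_order:
        if not any(name_matches(p, host) for p in names):
            names.append(host)
            reissues += 1
    return reissues


# Constructed sample data: one tenant subdomain per customer.
WILDCARD_SANS = ["example.com", "*.example.com"]
MULTI_DOMAIN_SANS = ["example.com", "acme.example.com", "globex.example.com"]
NEW_TENANTS = ["acme.example.com", "initech.example.com",
               "umbrella.example.com", "initech.example.com"]

if __name__ == "__main__":
    print("wildcard, uncovered:    ", uncovered(WILDCARD_SANS, NEW_TENANTS))
    print("multi-domain, uncovered:", uncovered(MULTI_DOMAIN_SANS, NEW_TENANTS))
    print("multi-domain re-issues: ",
          reissues_needed(MULTI_DOMAIN_SANS, NEW_TENANTS))
```
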
And the last point in this marketing email is the promise of a guarantee:

It links directly to the page with the super expensive multi-domain EV certificates and does not even try to explain what the guarantee actually is, which is a bit strange. But that is quite understandable, because no one really knows what the guarantee is or whether anyone has ever claimed on it. Seriously, this is not meant as a flippant statement: Scott and I honestly tried to figure it out at the beginning of the year and simply could not get straight answers. When I did manage to get into a dialogue, I was accused of being a "nerd":

"I'm trying to make it clear. Real customers want to know how to use it. Do you know?"
- Troy Hunt (@troyhunt) February 2? 201

Dialogue:

Andreas Mallek: Andy, these guys do not want to admit their difference - they are too much of a nerd to understand that normal people have different needs than people in Nerdville. I communicate both in Nerdville and in the normal world, focusing on the problems of my clients from the real world. See you

Troy Hunt: Andreas, I asked a very reasonable question and this is important because the certificates are sold with a guarantee, and I try to understand what this means. Real customers want to know what this guarantee covers and are there documented examples of its use? Do you know about them?

By any measure, this was a very unexpected answer, coming not from just anyone but from the executive director of CertCentre. After all, he of all people should be the first to appreciate the importance of a certificate guarantee (provided that it really is important, of course). If you pay such a company for a product with a stated set of features, then it is perfectly normal, "nerd" or not, to ask how those features work, and this should not lead to ridicule from the guy who runs the company. Unfortunately, instead of answering the question, Andreas applied the tried and tested ostrich method:

What really raises questions is that the guarantee is sold for money (of course, you do not get a guarantee with a Let's Encrypt certificate), but they are not prepared to explain what exactly you get for your money. CertCentre also actively promotes the guarantee as an "element of the highest level of security":

But friends, if you cannot even spell the word "warranty" correctly, what are the real chances of understanding what it does?!

Another nail in the coffin of EV is Scott's semi-annual Alexa Top 1M report from last month. It provides encouraging statistics on the transition of sites from HTTP to HTTPS:

HTTPS sites already account for 52%, which is very good for the Internet as a whole. But what caught my interest was this comment regarding EV:

"Despite the strong growth of HTTPS at the first million sites, there is no growth in the share of EV certificates."

In numbers: in February, 36?005 sites redirected HTTP requests to HTTPS and ??? of them used EV certificates, which is ???% of HTTPS sites. In August, 48?293 redirected to HTTPS, and 2?158 of them had EV certificates, which is ???%. In other words, the EV market share declined by about 5%.

(Note: 48?293 really does make up 52% of the million-site sample, because scanning failed for 47 thousand sites and they are excluded from the statistics.)

It turns out that many sites are in fact abandoning EV certificates. A month ago, Scott provided a detailed list of large sites that used to use EV: among them are Shutterstock, Target, UPS and the British police. At about the same time, I noticed that even Twitter had abandoned EV.

The Twitter story is a bit strange, because whether or not you saw an EV certificate on their website actually depended on your location. This also says something about the effectiveness of EV: if they are willing to remove or add it like that, then people are unlikely to behave differently and trust the site less without EV. But that is the very premise on which the EV mechanism is built!

Misinformation campaigns are run not only by Comodo and CertCentre but also by many others, for example:

"An SSL guide at https://t.co/tmGYZ4eBPB #guide #evssl #ssl #sslcertificate #infosecurity pic.twitter.com/oPt2FWHnOg"
- AboutSSL (@aboutssl) August 1? 201

Apart from the selection of historical browsers (how old is this image?!), the linked article makes the following statement:

"Web security experts recommend using an EV SSL certificate for platforms such as e-commerce, banks, social media, healthcare, government, and insurance platforms."

I'm not sure who they are referring to in the first words, but I know that, apart from banks, this statement simply does not hold water for the other industries. It is easy to demonstrate how fundamentally wrong it is.

Here are the world's largest e-commerce sites. Click each one and see whether it has EV:

  • Amazon
  • Netflix
  • eBay

You could say that Alexa incorrectly classified Netflix as an e-commerce site; in that case look at the next most popular, walmart.com, and you get the same result. There is no EV anywhere.

Moving on. With social media the situation is the same:

  • Facebook
  • Twitter
  • LinkedIn

As discussed earlier, Twitter is having a small identity crisis over whether it supports EV, so to be sure, check out the fourth largest site: Pinterest.

On the world's most popular health care sites it is the same:

  • National Institutes of Health
  • WebMD
  • Mayo Clinic

No EV. At all. Not a single one.

I could not find a clear list of the largest government websites, so I pulled the data out of Scott's nightly crawl of the Alexa Top 1M and chose the largest sites in the .gov zone. The National Institutes of Health is the largest, but we have already covered it, so we take the next three:

  • Indian Agency for Unique Identification (which has other fundamental problems with HTTPS support)
  • The Tax Inspectorate of India
  • GOV.UK

By now you have already realized that the chance of encountering EV anywhere at all is minimal. You are right: not a single hit.

Finally, the top insurance sites:

  • United Services Automobile Association
  • Kaiser Permanente
  • Geico

We found one! USAA really has an EV certificate! The other two don't, but that's at least something, right?

If "web security experts" recommend EV for these classes of sites, then obviously these sites do not listen to them. So such recommendations are poetic.

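The click-through check used in this survey can also be done from the certificate itself, which still works where the browser shows no EV indicator. The following is an added example, not part of the original article: it reads the CA/Browser Forum policy OIDs and the subject organization from `openssl x509 -noout -text` output; both sample dumps are constructed and heavily trimmed.

```python
import re

# Policy OIDs reserved by the CA/Browser Forum for publicly trusted TLS
# certificates; a CA asserts one in the Certificate Policies extension.
CABF_POLICIES = {
    "2.23.140.1.1": "EV",    # Extended Validation
    "2.23.140.1.2.1": "DV",  # Domain Validated
    "2.23.140.1.2.2": "OV",  # Organization Validated
    "2.23.140.1.2.3": "IV",  # Individual Validated
}

POLICY_RE = re.compile(r"^\s*Policy:\s*([0-9]+(?:\.[0-9]+)+)\s*$", re.MULTILINE)
SUBJECT_RE = re.compile(r"^\s*Subject:\s*(.+)$", re.MULTILINE)
ORG_RE = re.compile(r'\bO\s*=\s*("[^"]*"|[^,]+)')  # value may be quoted


def validation_level(openssl_text):
    """Return 'EV', 'OV', 'IV', 'DV' or 'unknown' for one certificate dump."""
    asserted = {CABF_POLICIES[oid]
                for oid in POLICY_RE.findall(openssl_text)
                if oid in CABF_POLICIES}
    for level in ("EV", "OV", "IV", "DV"):  # strongest asserted claim wins
        if level in asserted:
            return level
    return "unknown"  # no CA/B Forum OID present, e.g. a private CA


def subject_organization(openssl_text):
    """Return the O= value of the subject, or None if there is none (DV)."""
    subject = SUBJECT_RE.search(openssl_text)
    if not subject:
        return None
    org = ORG_RE.search(subject.group(1))
    return org.group(1).strip().strip('"') if org else None


def describe(openssl_text):
    """Return (validation level, verified organization or None)."""
    return validation_level(openssl_text), subject_organization(openssl_text)


# Constructed, trimmed samples in the layout of `openssl x509 -noout -text`.
# 1.3.6.1.4.1.99999.1.1 is a made-up CA-specific OID that must be ignored.
EV_SAMPLE = """\
Certificate:
    Data:
        Subject: jurisdictionC = US, businessCategory = Private Organization, serialNumber = 0000000, C = US, O = "Example Bank, Inc.", CN = www.bank.example
        X509v3 extensions:
            X509v3 Certificate Policies:
                Policy: 1.3.6.1.4.1.99999.1.1
                  CPS: https://ca.example/cps
                Policy: 2.23.140.1.1
"""

DV_SAMPLE = """\
Certificate:
    Data:
        Subject: CN = blog.example
        X509v3 extensions:
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1
"""

if __name__ == "__main__":
    for label, text in (("bank", EV_SAMPLE), ("blog", DV_SAMPLE)):
        print(label, describe(text))
```
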
Another set of unsubstantiated claims from About SSL is that EV "increases the conversion of transactions", "reduces the departure from the shopping cart" and "protects against phishing attacks". One can understand why they make such claims: the reason is visible in the form of the buttons immediately below the text:

So, we are back to a clear bias. But hey, they are just trying to do business, so I understand the motives. You would still assume that, running such a business, they would like to increase conversions themselves, wouldn't you? Well, this is funny:

Even the EV seller is smart enough not to spend money on it! In addition, recall that the "green address bar" itself has now completely disappeared thanks to the most popular browser in the world, which killed it in version 69.

Then there is the phishing argument. It is often claimed that EV somehow reduces it. This is what is stated on a slide from an Entrust presentation from the beginning of this year:

There is a whole bunch of deception here, and for the best analysis read this thread from Ryan Sleevi. He analyzed the study on which the slide is based.

Ryan is a very smart cryptographer who works on Chromium, and he has an excellent ability to expose any nonsense clearly. In the end he sums up the situation: "In general, this is a bad article. But even worse, they are trying to pass it off as a "data" study. At the same time, an erroneous methodology and a selective approach are used to support a business model that relies on users who are fully responsible for detecting changes in the user interface."

That is, we return to the fact that EV is effective only if people change their behavior in response to a change in the UI. In reality, people do not know what to pay attention to, and the change itself is gradually ceasing to exist. Or the change is too insignificant for people to notice it. Remember the first screenshot in the article, where the Safari browser no longer displays the registered company name from the EV certificate? Compare it with the screenshot of my blog, also open in Safari on iOS 12:

See the difference? The EV site's URL and the padlock next to it are now green, while the DV site's are black. So now, in order to create the corresponding expectation among users, they need to be told to look for a green URL and padlock, unless they use Chrome, which has completely removed all the green elements! It is obvious how ridiculous it is to explain such browser nuances to users, especially considering how fast they change.

Returning to the About SSL site, there is a video in which the speaker explains the advantages of EV using the same talking points that we have reviewed. The video is about 6 minutes long, if you have the patience to watch:

Author: weber
Publication Date: 4-10-2018, 03:16
Category: Information Security / IT Standards