Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

Christopher J. Pilkington cjp at 0x1.net
Mon Sep 12 14:25:11 UTC 2011

On Sep 11, 2011, at 11:06 PM, Hughes, Scott GRE-MG wrote:

> Companies that wrap their services with generic domain names (paymybills.com and the like) have no one to blame but themselves when they are targeted by scammers and phishing schemes. Even EV certificates don't help when consumers are blinded by subsidiary companies and sister companies daily (Motorola Mobility a.k.a. Google vs. Motorola Solutions.)

GE Money Bank is notorious for this… from a retail store's main page they redirect you to https://www3.onlinecreditcenter6.com.  (No-EV certificate, either.)


More information about the NANOG mailing list