by mahouse 3933 days ago
I feel like these initiatives to make SSL available for everybody just lead to the same conclusion: EV will be the only viable alternative to show real trust, and EV is much, much more expensive than regular SSL ever was.
3 comments

As far as I can tell EV certificates are completely worthless.

You know the TLS certificate you got from bankofamerica.com is legitimately from bankofamerica.com because of domain validation. What EV tells you on top of that is only that bankofamerica.com belongs to Bank of America Corporation. But you already have that information. Their website is written on the walls of all their bank branches and all the documents they've ever given you. You don't need a CA to verify that because you can trivially do it your own self. And the same is true for any person you actually know. You know their domain belongs to them because it's the domain they personally told you belongs to them.

So that leaves domains belonging to entities you've never otherwise encountered outside of their internet site. You may have never been to a Google office before. But if you've never encountered the entity outside of its internet site then the association is meaningless. What am I supposed to know of Google other than google.com?

There's also the fact that obtaining an EV certificate is so unbelievably painful. I swear it gets more difficult every year.

Last time I bought an EV cert, Comodo wanted a certification from a Chartered Accountant. Aside from the confusion associated with Comodo wanting a letter from "your CA", we then had them Google for "accountants in Sydney" and complain they weren't listed on the front page.

"Kindly address the search page to show them on the page in order for us to process the order".

It took hours of complaints and escalations before they agreed to proceed, at which point they wanted to call the company's "public" phone number. Now they could have gone to the company's website, or the White Pages, but no, they found some .ru website with an "accountant review" and called the number listed there. Instead of asking what official phone listings Australians use, the only thing they would accept is "kindly update the website".

Yes, this is probably one of the more incredible examples, but the point is, who wants to risk even possibly dealing with this, when you can have a DV certificate in two minutes and it "just works"?

Wow, that's just absurd.

The benefit is that if I get BankOfAmericaa.com and try to get an EV cert, the CA is going to verify my actual company name, which is unlikely to be Bank of America or anything similar. So now when I trick someone into visiting my site, if the EV area doesn't tell them "Bank of America [US]" then they should double check. Or flip it around: if a user is unsure they can go off the EV info instead of the domain name.

In practice, since EV certs aren't used all over (say, WellsFargo doesn't use them), the value is fairly diminished since lack of EV doesn't mean much.

> The benefit is that if I get BankOfAmericaa.com and try to get an EV cert, the CA is going to verify my actual company name, which will unlikely be Bank of America or anything similar.

So the first question is, why not? Can't someone file papers for a shell corporation with whatever name they like? Of course "Bank of Americaa Corp" is likely to raise questions, but is it not possible to BS your way through an EV cert claiming to be "Bunk of America Corp", retailer of bunk beds, or "Bank on America Corp", domestic lobby group?

Going through the process is obviously a huge pain for the attacker, but it's a huge pain for a legitimate business too. If the purpose is to make the process expensive then you might as well dispense with the charade and just say "pay us $20,000 and we'll give you a shiny green bar".

And the attacker still has a problem. Everything you know about Bank of America says their website is bankofamerica.com, not bankofamericaa.com. The difference is right there on the user's screen if they're looking for it. And if they're not looking for it then what difference is a green bar? Especially if all we tell them is "make sure it's green" and not "make sure it doesn't say Back of America Corp".

Part of the label is also the country; if it says "Bank of America [AZ]" your alarm bells should start ringing.

If it says "bankofamericaa.com" your alarm bells should start ringing. Even assuming the attacker can't get a certificate for the right country, how is the user expected to notice (and understand) the wrong country code if they can't notice the wrong domain name?

I'd argue it's at least simpler to notice since it's more readable - it has spaces between words.

There's one difference (I don't think it really matters though) - if you go to bankofarnerica.com and get a valid certificate for bankofarnerica.com, it would not be owned by "Bank of America Corporation". But I agree it's worthless because it relies on you remembering that bankofamerica.com has an EV cert normally. And people are terrible at noticing what's missing.
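
The lookalike-domain argument running through the comments above (bankofamericaa.com, bankofarnerica.com), as an added example that is not part of the original thread: a small Python check that classifies a visited hostname as an exact match for a domain the user knows, a lookalike (an extra letter, an rn-for-m confusable, or the real name smuggled in as a subdomain of someone else's domain), or unrelated. The expected-domain list, the confusable table and the sample hostnames are constructed assumptions for the illustration, not data from the thread.

```python
"""Flag lookalike hostnames.  Example code added to illustrate the thread's
"check the domain, not the green bar" argument; not from the original posts.
EXPECTED_HOSTS and CONFUSABLES are assumptions for the illustration."""

# Hypothetical list of domains the user already knows belong to their bank.
EXPECTED_HOSTS = ["bankofamerica.com", "wellsfargo.com"]

# Character sequences that render almost identically in many fonts
# (constructed table; a production check would use Unicode confusables data).
CONFUSABLES = {"rn": "m", "vv": "w", "cl": "d", "0": "o", "1": "l", "|": "l"}


def skeleton(label: str) -> str:
    """Collapse visually confusable sequences: 'bankofarnerica' -> 'bankofamerica'."""
    s = label.lower()
    for seq, repl in CONFUSABLES.items():
        s = s.replace(seq, repl)
    return s


def edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance (insert, delete and substitute all cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host: str) -> str:
    """Crude registrable-domain extraction: the last two labels.  Assumes a
    one-label public suffix such as .com, which holds for the sample inputs."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def classify(host: str, expected=EXPECTED_HOSTS, max_distance: int = 2) -> str:
    """Return 'exact', 'lookalike' or 'unrelated' for a visited hostname.

    'lookalike' covers the expected name used as a subdomain of another
    domain (bankofamerica.com.evil.example), a confusable substitution
    (rn for m) and small edits such as one extra letter."""
    h = host.lower().rstrip(".")
    reg = registrable(h)
    if reg in expected:
        return "exact"
    cand_label = reg.split(".")[0]
    for good in expected:
        good_label = good.split(".")[0]
        # Real domain name appearing as a subdomain of the attacker's domain.
        if h.startswith(good + ".") or ("." + good + ".") in h:
            return "lookalike"
        # Same skeleton after collapsing confusables (rn -> m, 0 -> o, ...).
        if skeleton(cand_label) == skeleton(good_label):
            return "lookalike"
        # A typo-distance name (bankofamericaa, bankofamerca, ...).
        if edit_distance(cand_label, good_label) <= max_distance:
            return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample hostnames, including the two from the thread.
    for sample in ["www.bankofamerica.com", "bankofamericaa.com",
                   "bankofarnerica.com", "bankofamerica.com.evil.example",
                   "wellsfarg0.com", "google.com"]:
        print(f"{sample:35} {classify(sample)}")
```

The point the check makes concrete is that the comparison has to be against what the user already knows (the expected list), which is exactly the information the thread says a bank customer already has; the certificate, EV or not, can only tell you what the site in front of you claims, not what you were looking for.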

But that's nothing new. If you need real trust, you need EV. The win from LetsEncrypt and any other attempt to make SSL more mainstream is the encryption, not the trust. If you're using SSL you're protected from some government and ISP snooping, and from having the contents of your message or webpage altered in mid-stream by a nefarious third party like AT&T.

Of course it's new. It's new since there are free certificates. Before, you had to pay, always. The amount was irrelevant, but you had to show your credit card. You had to prove your identity. That's a whole new felony there: stolen ID, carding, etc.

You had to have a credit card, but there was never any matching of the credit card name to the cert. Nobody is going to stop you from buying a cert for my domain with a prepaid credit card.

I don't see how it's a whole new felony. You could use your own credit card, and still convince the CA you own a domain that you don't.

Protected from criminals or from the ISP snooping, yes (with a certain confidence); protected from the government (any government really) snooping, most likely no. If not through their own CA (just find the one controlled by your local government; high chances there is at least one in default CA stores) then always by obtaining a warrant and requiring the website in question to share information.

I think people are making too big of a deal of SSL. So what if my browser connection to Target or Home Depot is encrypted?

Well, it's possible and reasonable that you don't want what products you're browsing to be snooped on by some sort of MITM attack. While probably not from MITM snooping, Target found out a teenage girl was pregnant before her own parents did, and sent diaper and baby advertisements to her parents' address: http://www.forbes.com/sites/kashmirhill/2012/02/16/how-targe...

My point is all this work and it's only a small part of the equation.

Would you really want your credit card details to be sent in plaintext?

Who do you expect to care whether the certificate is EV or not? (serious question) Google is not EV, facebook isn't either, banks are 50/50, almost none of the big online shops are EV (amazon included). I've never heard anyone raise this as an issue - technical or not.