|
|
|
|
|
|
by ams6110
3112 days ago
|
|
|
Yes, it more highlights that the simple presence of a valid certificate does NOT guarantee that you are connecting to the service that you think you are. EV certs would be harder to compromise, but likely not too difficult for a sophisticated attacker. And who really notices if a site that had an EV cert suddenly doesn't? I might for my bank, but likely would not for a software product website. |
|
|