by tialaramex 2758 days ago
EV certificates are a compromise between the CAs and the browser vendors (today effectively all OS vendors, except that Mozilla stands in for the free Unixes).

The CAs wanted a product with a distinct UI that could drive sales of a more expensive certificate.

The browsers wanted CAs to do a better job of validation.

So the agreement was: we'll add a fancy UI for these certificates if you promise to ensure all your certificates are properly validated.

But validating the shiny organisation data in the EV cert, while useful, is not a major priority for the browsers. A machine can't do anything with it. The browsers mostly care about validating the Fully Qualified Domain Name, which is done even in DV and OV certificates just the same.

Trying to solve security problems with EV means relying on fallible humans not to make mistakes. It won't work. If it makes you feel better to try, be my guest, but the browser vendors have been there, tried that.