|
|
|
|
|
|
by prognu
953 days ago
|
|
|
Teaching users is of course the tricky part, and I'm not trying to excuse the insane draft regulation here. That said, eIDAS doesn't force browser vendors to visually distinguish Article 45-forced CA certificates from traditional CAB CA certificates, and I doubt they considered the possibility. So re-adding the distinction is a valid band-aid. Your second point can be addressed relatively easily by businesses getting multiple certificates. Then, the browser can show 'trusted' only if one of the certificates is not from a Article 45-forced CA. |
|
|