> > On Sun, Sep 11, 2011 at 9:08 PM, Christopher Morrow > <morrowc.li...@gmail.com> wrote: > >> what's the real benefit of an EV cert? (to the service owner, not the >> CA, the CA benefit is pretty clearly $$) > > The benefit is to the end user. > They see a green address bar with the company's name displayed. > > Yeah, company's name displayed -- individuals cannot apply for EVSSL certs. > > > With normal certs, the end user doesn't see a green address bar, and > instead of the company's > name displayed "(unknown)" is displayed and > "This web site does not supply ownership information." is displayed. > > If you ask me, hiding the company's name even when present on a non-EVSSL > cert is tantamount to saying "Only EV-SSL certs are really trusted anyways". > > So maybe instead of these shenanigans browser makers should have just > started displaying a "don't trust this site" warning for any non-EVSSL cert. >
As an academic aside, exactly what would one set on his (internal) root CA so that internally-trusted certs signed by that CA would show up as EV certs?
