Hi. I did not mean that EV certs is an solution. I just said that it can be a metric when a user or OP or RP measures the turstability of the other party, because the party with EV certs has gone through more rigorous and costly procedure to get them. <div>
<br class="webkit-block-placeholder"></div><div>If I were to apply in the OpenID Reputation Service like context, some reputation service provider may give +5 points or so for the party with EV certs. That's all. (Having said that, how parties are scored is explicitly out of scope for ORMS and the OpenID Reputation Service/Trusted data Exchage WG that I am going to propose in coming weeks.)</div>
<div><br class="webkit-block-placeholder"></div><div>Regards, </div><div><br class="webkit-block-placeholder"></div><div>=nat<br><br><div><span class="gmail_quote">2008/2/29, Eddy Nigg (StartCom Ltd.) <<a href="mailto:eddy_nigg@startcom.org">eddy_nigg@startcom.org</a>>:</span><blockquote class="gmail_quote" style="margin:0;margin-left:0.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#ffffff" text="#000000">
Nat Sakimura wrote:
<blockquote type="cite">
<pre>But what does it take to get a cert? Very little.
That is why it does not solve the trust problem.
(EV Certs are another initiative to solve this trust problem, though. )
</pre>
</blockquote>
Which in the case of OpenID isn't what we are after....Validated
certificates (of which EV is just one form) can be used for
authentication and for assuring to the provider about WHO the owner of
a digital identity (OpenID URI) is. The provider could reflect that
fact to relying parties, should the user wish to do so. It doesn't
solve the trust problem between the RP and the provider.<span class="q"><br>
<blockquote type="cite">
<pre>Nat
2008/2/29, Vipin Rathor <a href="mailto:v.rathor@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"><v.rathor@gmail.com></a>:
</pre>
<blockquote type="cite">
<pre>hi,
>This only solves the problem of eavesdropping, not trust.
I'm disagree with this. As per my understanding, the digital
certificate provides integrity, authentication and non-repudiation.
(<a href="http://en.wikipedia.org/wiki/Public_key_certificate" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://en.wikipedia.org/wiki/Public_key_certificate</a>). And with the
help of trusted third-party (CA), it provides trust relationships.
Is there something with OpenID requirements, that I'm not getting?
Please help me out...
-- Rathor
_______________________________________________
general mailing list
<a href="mailto:general@openid.net" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">general@openid.net</a>
<a href="http://openid.net/mailman/listinfo/general" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://openid.net/mailman/listinfo/general</a>
</pre>
</blockquote>
<pre> </pre>
</blockquote>
<br>
</span><div>-- <br>
<span class="q">
</span><span class="q">
</span><table border="0" cellpadding="0" cellspacing="0">
<tbody><tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, <a href="http://www.startcom.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">StartCom Ltd.</a></td>
</tr>
<tr>
<td>Jabber: </td>
<td><a>startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">Join the Revolution!</a></td>
</tr><tr>
<td>Phone: </td>
<td>+1.213.341.0390</td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
</div>
</blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a>
</div>