E-rant

For those of you that know my feelings on extended validation SSL, this makes me so happy I could wet myself:
http://www.theregister.co.uk/2009/03/28/ev_ssl_spoofing/
 
The green URL bar you paid $1000 for to show your users that you have their best interests in mind?  Well, it doesn’t really work…  I wonder what the next SSL “product offering” will be to fix this?  Perhaps this is a conspiracy between browser vendors and the SSL industry – it sure seems that the way to make it all work as the browsers expect it to is for all ssl sites to get extended validation ssl, which means an additional $900 per web site (roughly).  According to netcraft, there were 794,000 valid ssl sites they were able to identify in Jan of 2008.  That’s a $714M upgrade!