Extended SSL verification a bit too strong

[Guest]

[Mp5shooter]

I think that the extended SSL verification that is built into CD on top of what Chromium already has is a bit too strong. There are several websites that I visit on a regular basis that are SSL-enabled which have SSL certificates from well-known certificate authorities such as Starfield Tech, RapidSSL, and Go Daddy, which CD throws warnings about ("It may not be safe to exchange information with this site"). Thoughts?

[John Buchanan]

Does not mean those certificates are for a safe site.  CD is doing what it is supposed to be doing.  Proceed to the sites you know are [supposed to be] safe.

[Mp5shooter]

Does not mean those certificates are for a safe site.  CD is doing what it is supposed to be doing.  Proceed to the sites you know are [supposed to be] safe.

These sites are safe sites though, for example spideroak.com, a well known online file storage service.

[Sal Amander]

These sites are safe sites though, for example spideroak.com, a well known online file storage service.

How can you be so sure? How can you trust them when all they've done is proven they own a domain? They went for the cheapest and easiest way out.  If they were really smart, they'd go the route of EV. Any Joe can own a domain and read an email to prove ownership.

P.S. I've never heard of them in my 15 years in the industry.

[CyberKlown28]

This is true. It takes good sites and makes you have to click through to go to them.
DuckDuckGo, the search engine, is the big one that annoys me! Forcing me to hit the button just to get to my search engine. Slows down browsing big time for people who use a lot of sites that get hounded like this.

[lightstep]

The same issue was discussed in another topic recently: https://forums.comodo.com/help-cd/turn-off-extended-ssl-verification-feature-in-cd-t75375.0.html.
We will have the ability to turn off showing warning for low-verification certificates in the next version.

[Tags:]