Comment Re:And the CAs do ... what again? (Score 1) 151
This kind of scheme makes perfect sense to me. Then individual companies would become their own certificate authority and could self-sign as needed. As a consumer, the only decision I need to make is whether I trust the destination, and after doing this once I shouldn't need to do it again. Of course, as a company I won't have to keep shelling out pointless cash to a CA that doesn't really do anything for me.
If my next visit to https://visa.com/ turns out to be a phishing site (don't bother following the link, it appears Visa's site is SSL challenged), then I'll likely get a prompt that says something like "https://visa4scam.com/ has a certificate that you don't already trust - do you want to trust it?" Smart browsers could say stuff like "did you know that you already trust a certificate from visa.com and it has a different domain or IP address," and even indicate that this may not in fact really be Visa.
Honestly, I'm not sure the identity checks associated with EV really mean anything either. It's entirely for encryption purposes, and as a hacker, unless I can hijack the actual domain, there isn't much I can do with it.
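
The trust-on-first-use flow this comment describes, sketched as an added example that is not code from the commenter or from any browser. `PinStore`, `site_label` and the 0.8 similarity threshold are assumptions for illustration, and the certificate bytes are constructed placeholders rather than real DER.

```python
import hashlib
from difflib import SequenceMatcher

def fingerprint(cert_der: bytes) -> str:
    return hashlib.sha256(cert_der).hexdigest()

def site_label(host: str) -> str:
    # Naive assumption: the label left of the TLD. Real code needs the Public Suffix List.
    parts = host.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]

class PinStore:
    def __init__(self):
        self.pins = {}  # host -> SHA-256 fingerprint the user chose to trust

    def lookalikes(self, host):
        new = site_label(host)
        hits = []
        for known in self.pins:
            old = site_label(known)
            # Flag a trusted name embedded in the new one, or a near-identical spelling.
            if (len(old) >= 4 and old in new) or SequenceMatcher(None, old, new).ratio() >= 0.8:
                hits.append(known)
        return sorted(hits)

    def check(self, host, cert_der):
        host = host.lower()
        fp = fingerprint(cert_der)
        pinned = self.pins.get(host)
        if pinned == fp:
            return ("trusted", [])   # same host, same certificate: no prompt
        if pinned is not None:
            return ("changed", [])   # known host now presents a different certificate
        similar = self.lookalikes(host)
        return ("lookalike", similar) if similar else ("new", [])

    def trust(self, host, cert_der):
        self.pins[host.lower()] = fingerprint(cert_der)

def demo():
    store = PinStore()
    visa_cert = b"constructed-cert-bytes-for-visa.com"       # constructed sample
    scam_cert = b"constructed-cert-bytes-for-visa4scam.com"  # constructed sample
    store.trust("visa.com", visa_cert)
    return [
        store.check("visa.com", visa_cert),
        store.check("visa.com", scam_cert),
        store.check("visa4scam.com", scam_cert),
        store.check("example.org", b"constructed-other-cert"),
    ]
```

The `changed` result is the case a pin store cannot resolve on its own: a legitimate certificate rotation and an interception of the pinned domain produce the same mismatch.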