Out of the way

The CA/B forum (Certificate Authority and Browser) was set up a while ago by browsers and people who sell (for the most part - although you can give them away) the security certificates that the web relies on for securing connections.

These things are important. If you break the basic security of these, then anything that has been done is open. For example, if a bank uses a low-security certificate, and somebody decides to invest the time to crack it, then the bank effectively allows someone to watch over the shoulder of its virtual teller, recording all the data, and changing the forms if they feel like it.

Until now, when you bought a certificate in a country, it was really just a claim that you are some organisation. People have to trust that, for example, the Commonwealth Bank of Australia's certificate really belongs to them and that if something goes wrong, the bank will be able to be held responsible for their failures.

One of the things the CA/B form has done is to agree on a new "extended validation" (EV) certificate - which is much more carefully checked up. People have complained because this is more expensive. But the alternative is not to have the people who get certificates carefully checked out, which in turn makes it harder to do something about any problem that arises.

Yngve (who represents Opera in various security things including both the CA/B forum and the W3C's Web Security Context group) blogs about security fairly often. And most recently he has shown a screenshot of the EV implementation - that he currently has running on his development build. It looks like it is slated for Kestrel, which will be nice.

(Don't read too much into the screenshot. It is important that security looks similar to users everywhere, so they understand what is going on, so we don't have a massive amount of free play, but this hasn't been through the User Interface people yet...).