They effectively already left NATO and openly support Russia already.
ICC members are already under fire and some had their microsoft account banned by Trump.
Trump will invade Greenland and Canada first. China is less of an priority.
NATO works by projecting a united force. Nations unconditionally backing each other up. The USA is now clearly no longer a part of that. That's not to say that the USA will do nothing if a NATO member is attacked. It might. Or not.
Limiting Nuclear proliferation was already fucked.
Trump tore up Iran's "we won't do nukes" deal, doesn't matter whether you think they were genuine or not, it demonstrates we will go back on a deal so our word isn't worth anything.
Ukraine shows that the west will not actually protect you like they claim, so your only option is getting nukes to really deter people.
North Korea and Pakistan demonstrate that you can pretty much do whatever you want with just a couple nukes, the west will cower in fear over idle threats.
No country would look at any of this and conclude that they have any choice but to build nukes to protect themselves.
Any country without nukes, that is not currently developing them, is stupid imo.. Nukes are the only thing that can guarantee sovereignty now.
Ukraine gave up their nukes.
No need to consider. The UK and France have nukes. France even has a two-tier response. Not enough to vitrify Russia or China five times over, but enough to make them reconsider.
For much of NATO history, the US is NATO. The US doesn’t want it to be like that anymore because it needs to strategically shift to the other side of the world. So, the US says “What if Europe can be NATO? If we can force them to meet the GDP commitment then maybe we don’t need to worry about them too much and commit less of our own resources to this theater.” But of course people interpret this as if the US is abandoning the alliance. No, the US just has other problems to deal with in the world.
That is the rationalization, but don't be surprised if the US would not confront China at all.
The main flow of capital in the US had been going to the mil.industry, but that is not the case anymore. It is mainly surveillance tech that is receiving capital. In a very unhealthy economy, this all looks eerily pre-'30s.
The US, right now, is only threatening weak countries, they don't have the industrial power to confront China, nor do they want it. This shouldn't be a surprise, some ideologues behind this maga-project belief in an America from one pole to the other. They believe in "spheres of influence", and as such China has their own sphere of influence. A sphere of influence means a kind of colony, where natural resources, people and industry are all resources to be extracted by them. It is the Russian model, it is the model of criminal mobs, it is might makes right, it is a multi-polar world.
Meanwhile, re-industrialization projects have been scrapped, partners have been scared of, and tariffs have hit the industry that was still left in America.
Monopolists are parasites on the economy, and the US is already very weakened from that. As the Japanese said, the US is still a great power, but the throne is empty. I suspect there will be skirmishes with other "great powers" over exploitable resources like Africa, Middle East, Europe, but I don't expect the current crop to go all-in on China.
Yes, the US has always been the driving force behind NATO. It provides close to 40% of the combined military personnel, and an even higher portion of military spending.
No longer committing to defend other NATO countries, even if their military spending exceeds the target, is abandoning the alliance though. NATO is little else than that commitment.
There's a left wing cooker conspiracy theory that the guy who gave Ukraine the Javalin anti tank missiles and forced NATO to increase military spending to 5% of GDP is actually a secret Russian agent.
I didn't group NATO and the US separately. You thought I did, but I didn't and you just hadn't read properly.
I waffled a bit in my reply to not rub it in too hard.
And do you want to contribute with something other than nitpick or insult?
Do YOU think that an informed and intelligent person can conclude that Trump is secretly a Russian agent, given he was the driving force behind a massive hike in NATO spending (which Putin really hates)?
I'm not calling Trump competent, or consistent, or benevolent. You can say he has a weird crushed on Putin and is easily manipulated and corrupt.
You can even suggest a lot of the MAGA people who surround Trump are actually working for Russia, since Russia tries to influence a lot of groups and Trump's cronies (and the influencers Trump listens to) are often compromised.
But do you think Trump is actually consistently taking orders from Putin because of some kind of leverage Putin has? Because people say this constantly and it's (in my opinion) almost as embarrassing as Republicans and the Pizza conspiracy. Trump has done some things that are increadibly damaging to Russia, and blackmail doesn't work on a pathological liar with no sense of shame.
I'm sure you're smart enough to agree with pretty much all of this. But you disingenuously attack me because I'm attacking people who are on your side, even if you would privately admit they are dumb.
This is what I read in your comment: that Trump "forced NATO to increase military spending to 5% of GDP". Are you talking about the US there? No, tautologically, you are talking about those parts of NATO that Trump forced to increase military spending to 5% of GDP. So what is controversial about my observation that you used the term NATO to stand for a NATO without the US?
My point was that by doing so you yourself add weight (a very little weight) to the thesis of the grandparent that, at least in people's perceptions, the US has left NATO. It wasn't just a nitpick, but at the same time I did not intend to join this side or that side in some mad argument that is playing out in your mind. I freely admit that at this point I am not reading all your output.
Russian asset, not necessarily agent. At least that's the commonly spread idea, for which there is at least some circumstancial evidence: commercial projects in Russia for several decades and well documented links to Ukrainian and Russian oligarchs under Trump I just to name two.
Never do this on the job. Its called corporate sabotage and will result in a lot of trouble for you.
Its also a generally bad idea.
The whole point of deprecation is to let others choose a moment to switch over on their own moment of choosing. If you don't want to maintain it just remove it. It is far nicer behavior.
Don't force others in a debugging hell. It makes you a bad person.
When you request an EV. They call you by the phone number that you give to ask if you requested a certificate. That was the complete extend of the validation.
I could be a scammer with a specificity designed domain name and they would just accept it, no questions asked.
> In addition to all of the authentication steps CAs take for DV and OV certificates, EV certificates require vetting of the business organization’s operational existence, physical address and a telephone call to verify the employment status of the requestor. [1]
Tying a phone number to a physical address and company is a lot more useful than just proof of control over a domain. Of course its not 100% fool proof and depends on the quality of the CA but still very useful.
> Tying a phone number to a physical address and company is a lot more useful than just proof of control over a domain.
It might be useful in some cases, but it is never any more secure than domain validation. Which is why browsers don't treat it in a special way anymore, but if you want you can still get EV certificates.
It was easy to provide the information for an existing business you're completely unrelated to. Reliably verifying that a person actually represents a company isn't possible in most of the world.
Many countries has official register of companies with at least post box address. Requiring to answer a physical letter sent to an address from the central register will be much more reliable.
IMO it would make sense to tie into the trademark system. Allowing companies to build a brand reputation and protect it from impersonators is literally the whole point of that part of our legal system.
Imagine if only the owner of the McDonald's trademark could issue a certificate which displays the McDonald's name and logo, for example.
Depends on the registrar. Globalsign required the phone number to be one publicly listed for the company in some business registry (I forget exactly which one), so it had to be someone in our main corporate office who'd deal with them on the phone.
Dun and Bradstreet (?). I believe I'm remembering this correctly. I still deal with a few financial institutions that insist on using an EV SSL certificate on their websites. I may be wrong, but I believe that having an EV SSL gives a larger insurance dollar amount should the security be compromised from the EV certificate (although I imagine it would be nearly impossible to prove).
When I last reissued an EV SSL (recently), I had to create a CNAME record to prove domain ownership, as well as provide the financial institution's CEO's information which they matched up with Dun & Bradstreet and called to confirm. The entire process took about three days to complete.
For an online business in a dubious (but legal) domain, my co-owner spent a few hundred bucks registering a business in New Mexico with a registered agent to get an EV cert.
I have an almost identical story except the state in question was Nevada. I’m curious what “dubious” domain it was, for me it was video game cheats. Maybe I’m actually the co-owner you’re talking about. :)
I'd love a referral to your certificate authority and rep - we go through a big kerfluffle each renewal period, only eventually receiving the certificate after a long exchange of government docs and CPA letters. For us, only the last step is the phonecall like you say.
This exchange seemingly proves the argument that user trust gained from the EV treatment is misplaced, and that the endeavor was a farce all along. It's not as though the user's browser was distinguishing the good CAs from the bad!
I disagree. I specifically said in my original comment they were very useful for those that knew what EV certs were and EV certs weren't.
You may not know that Digicert is a quality CA who wasn't going to risk their position as a CA to sign an EV cert for a typo squatting phishing site pretending to be PayPal but there are those who do. The green UI in chrome & firefox made finding all of this information out incredibly simple and obvious.
It was used correctly. What CAs wanted to sell wasn't something browsers wanted to support, and EV was the compromise. It just happens that what EV meant wasn't that useful irl.
What's the alternative, showing the company's unique registration ID?
CAs invented EVs because the wanted to sell something which could make them more money than DVs. The fact that company names aren't unique means that the whole concept was fundamentally flawed from the start: there is no identifier which is both human-readable and guaranteed to uniquely identify an entity. They wanted to sell something which can't exist. The closest thing we have got is... domain names.
The alternative would have been to have the CA use human judgement when approving EV certificates and reject applications from organizations whose names shadowed better-known firms, or to only accept applications from a select set of organizations (like, say, banks). But either of those possibilities would have increased the cost of the program and limited the pool of applicants, so CAs chose the cheap, easy path which led to EV certificates becoming meaningless.
How many CAs do you think there are? How many countries do you think they operate in?
Maybe we could augment the old EV cert indicator with a flag icon, but now there's yet another thing that users have to pay attention to. Maybe the CA/Browser Forum could run a clearinghouse for company names, but apart from trivial examples, there might very well be legitimate cases of two companies with the same name in the same country, just in different industries. Now do we augment the indicator with an industry icon too? Then the company changes its name, or forms a subsidiary relationship, or what have you. Now do we need to put "Meta (formerly Facebook)" or "Facebook (division of Meta)" etc. in the name?
There's just so many problems with the EV cert approach at Internet scale and they're largely beyond solvable with current infrastructure and end-user expectations.
How do you decide when a company is "well-known"? What's going to happen when there are two well-known companies with the same name or a very similar name? What if a well-known company in country A expands to country B, where a well-known company with that name (but active in a different industry) already exists? How are you going to deal with subsidiaries which are both legally and organizationally separate? Who gets to keep the EV when a company spins off a division but both parts retain the same name?
"Use human judgement" might work for trivial examples of fraud, but it quickly breaks down once you try applying it to the real world. Besides, how are you going to apply the same "human judgement" across hundreds of employees at dozens of CAs? If anything, you're just begging to get sued by large corporations whose complex situation fell on the wrong side of your human judgement.
The problem is that people wrongly believe that company names are unique. In reality you're just some paperwork and a token registration fee away from a name clash.
If anything, it's a disadvantage. People are going to be less cautious about things like the website's domain name if they see a familiar-sounding company name in that green bar. "stripe-payment.com" instead of "stripe.com"? Well, the EV says "Stripe, Inc.", so surely you're on the right website and it is totally safe to enter your credentials...
In many countries, company names are unique to that country. And combined with country TLDs controlled by the nation-state itself, it'd be possible for at least barclays.co.uk to be provably owned by the UK bank itself when a EV cert is presented by the domain.
In the US though, every state has it's own registry, and names overlap without the power of trademark protection applying to markets your company is not in.
Are company names even unique within the UK? Sure, there can be only one bank named Barclays because of trademark laws, but can't there be a company in a different sector with the same name? Like Apple the computer business vs Apple the record company?
Or don't you have small local businesses (restaurants, pubs, stores) with duplicate names as long as they're in different locations? I know here in Flanders we have, for example, tens if not more places called "Café Onder den toren" (roughly translated as "Pub beneath the tower"). Do all local businesses in the UK have different names?
That's not exactly a great example, is it? "Barclay" even has a disambiguation page on Wikipedia, because it's a reasonably common Scottish surname.
For example, there used to be a Scottish company constructing steam locomotives which traded under the "Barclays & Co" name - because it was founded by one Andrew Barclay. There's also the Barclay Academy secondary school, and a Bentley dealer which until recently operated as Jack Barclay Ltd.
And that's just the UK ones! Barclays operates internationally, which means they want "barclays.com", so suddenly there's also Barclay-the-record-label, Barclay-the-cigarette-brand, Barclay-the-liquor-brand, Barclay College, golf tournament The Barclays, Barclays Center (whose naming rights were bought by the bank, but they of course want their own completely distinct website), Barclay Theatre, three Barclay Hotels.
Of course there's also all the stuff under "Barkley", "Barkly", "Berkley", and probably a dozen other variations just waiting to be used to scam dyslexic Barclays custumers.
Barclays used to operate under Barclays Bank PLC. IMO, if disambiguation was problematic online they would have reverted back to that name.
You bring up good points, but I don't think that company naming has to be 100% proof against confusion, it's just one more helpful thing for consumers to identify whom they are doing business with.
In the case of close names like "Barkley", if they're doing banking, there is probably a trademark case against if they actually use it to confuse customers.
Ive stopped using all kagi stuff because of the lack in transparency and my official requests for transparency remained unanswered.
I don't trust any American corporation that refuses to be transparent.
US law allows for way to much dangerous stuff compared to the EU.
That is also why the US lost its democracy recently.
