
LE is great for a lot of things. But it doesn't offer the wide range of SSL certs everyone requires, such as OV and EV certs.



Google did not request and were not granted EV treatment for this CA. So even if it mints certificates with an EV OID in them, that will get ignored in Firefox.

Although the Google CA, Google's root trust programme, and the Chrome TLS implementation people are three distinct teams at Google, common sentiment among the technically savvy (which would include all three groups) is that EV is either entirely or largely pointless and nobody cares, so it would not make sense to request EV treatment.

Your general thrust is right: there are other things CAs issue that Let's Encrypt does not, but the numbers still tell a story of solid growth even in the Web PKI. Let's Encrypt grew the market considerably; seizing 75% of a market that is now five times bigger than before doesn't squeeze out other people.


Largely pointless to people @ Google is not a good measure. Customers still use it, and are willing to pay for it.


[flagged]


It would be rational and moral (within Google's own worldview) to sell EV, drive all the other EV sellers out of business, and then stop. It's a lot harder to get into the EV business than into the homeopathy business, so it's not quite comparable to your doctor trying to drive the homeopaths out of business.


Tying a legal identity to a cert is not snake oil. It's a fundamental part of every crypto system, including PKI prior to GeoTrust making DV in 2003.


It's not a fundamental part of most cryptocurrencies: it suffices to have a private key be able to send and receive money from its own account, without knowing what legal entity controls that account.

It's not a fundamental part of Signal; the cryptosystem only identifies phone numbers, not legal identities. Similarly, it's not a fundamental part of Keybase, which only identifies social media accounts.

It's not a fundamental part of PGP; it's traditional to verify legal identity (and some users have a need for that), but it's not at all required and you can have a pseudonymous key in the strong set pretty easily.

It's not a fundamental part of military encryption, where the legal entity is just "this country's military," but internal distinctions matter.

It's not a fundamental part of Tor, which goes to lengths to lose track of the legal identity of its users.

There are advantages to identifying the legal entity that controls a website, sure, but 99% of the advantage of SSL is identifying a site name so that cookies are only sent to the same site, JavaScript is only accepted from the same site, a bookmark opens only the same site, a link from elsewhere on the web opens only the same site, etc. And in most cases, "legal entity" is just a proxy for "entity I expect". When I visit gmail.com, I'm looking for the entity I previously visited at gmail.com; knowing that gmail.com is now Alphabet instead of Google doesn't really help me, but knowing that it's the same site does. When I register an account in person at First Bank of Springfield and go home to log in, I care less that the website I find is controlled by one of the many First Banks of the many Springfields than that it is the same entity I just signed up for an account with - and I can guarantee that by typing in the https URL they gave me on the welcome brochure.


In cryptocurrencies the desire is often to not tie a legal entity to a wallet, hence digital cash. Likewise Tor; again, anonymity may be the entire purpose. However, other mechanisms exist that do exactly this when desired: Tor only uses EV SSL to make sure you're communicating with the legal entity you think you are. At CertSimple we have customers including Privacy International and Buzzfeed that use our Tor EV product for exactly this.

Linking PGP keys to identities is done at most well-known universities, as you noted.

Keybase links pubkeys to social media accounts, but that's also the point: a single network endpoint is not a sufficient indicator of identity.

Debian key parties link passports and driver's licenses to pubkeys.

Windows binaries are signed with EV certs.

> I can guarantee that by typing in the https URL they (the bank) gave me on the welcome brochure.

Users will never type in most URLs, let alone every URL.


Who requires these certs? I've always gotten the impression they are useful for 1) checking a box on some form; and 2) making more money for CAs.

And, if it's my job to check that box or to make money for a CA, well, that's fine. But, in terms of them actually having a real use, I'd love for someone to tell me what that real use actually is.


Everyone who operates a website with users that can be phishing targets. Plain certs (DV) only tell you that you are talking to a server that has been validated to belong to a domain (and the talking is done encrypted).

For example: https://twitter.com/musalbas/status/1038919152826757122


Extended validation and organization validation (EV and OV) certificates do not solve any technical cause of phishing. They're also poor instruments for attacking the social efficacy of phishing attacks. The phishing demo you linked in that Twitter page is not mitigated by EV or OV certificates.

These "extra" certificates are sold at a premium 1) so CAs can earn more, despite the race to the bottom; and 2) so potential victim companies of data breaches can point to all the "extra" effort (read: money) they invested in security. But they fundamentally do not improve security, because they're predicated on the idea that non-technical end users will use increasingly more sophisticated methods of identity assurance. The software security industry has decades of case studies which demonstrate this is not the case.

Simply put: you can't solve phishing by stuffing more and more authentication signals into a URL bar and a padlock icon. Approximately all users won't even bother to check and most will simply click through warnings. Trying to design better, more "verified" certificates is a clear example of a local maximum. It seizes upon a weak proxy for security against phishing, then tries to optimize further with the bureaucratic scar tissue of identity verification. In so doing it completely loses focus on the core issue.


Yes, and yes, and yes. They seem to fall strongly into the category of things I wish I sold but I can't figure out why anyone buys.


I'm going to start brewing vats of neurons, as an anti-phishing measure. Anyone have any good ideas for a distribution mechanism?


Tinder?


That sounds like a problem of needing better identity indicators rather than verifying identity via EV.


That assumes that a significant number of people a) know that Google has an EV certificate and b) actually check it. To the first point, I'm not sure that Google actually does have an EV cert; looking at Google.com, I think they just have a DV cert. And to the second point, I suspect that few people actually check if the cert is EV or DV (if they check that the connection is encrypted at all).

Having an EV cert for yourwebsite.com does nothing to prevent phishing if people are directed to someotherwebsite.com.someotherwebsite.com. So, what's the point of going through the extra pain / expense of getting one?


There's not a lot of point to EV. Google and eBay don't even EV their primary domains; given what high-profile targets those are for phishing, the fact that they're not EV should tell you something about its utility as an anti-phishing measure.


As per [1], Twitter does use EV certs, but not everywhere. It depends on the geographical location. The author of this article (Troy Hunt) never noticed this inconsistency, whilst he works in security.

Given that he never noticed it, and the fact that I've never heard of anyone else noticing it, I'd say that even when high-profile targets deploy EV, it still does nothing.

A possible exception might be banks. I've heard (I think in the HN comment thread of [1]) of people actually calling up banks asking why the name isn't in the green part of the browser. I know I check that address most often. I guess people are just most security aware when it comes to mixing the internet and money.

[1] https://www.troyhunt.com/on-the-perceived-value-ev-certs-cas...


I recommend this presentation to help dispel a lot of misconceptions about phishing and how easy it is for even highly technically and security literate people to get phished:

https://www.youtube.com/watch?v=ZjW12K0IHgo


EV doesn't solve that problem though https://stripe.ian.sh


If you think EV has magical phishing-prevention sauce, you probably want to do more research on the topic. Especially since browsers are starting to tone down or even remove special visual signifiers for EV certs (since, if EV had incredible anti-phishing power, they wouldn't be doing that).


Literally all SSL was done this way prior to 2003 when DV was invented. The use case for verification on the web is the same as it is anywhere else.
