I just skimmed thru Network Solutions’ “SSL Legal Repository”. It has 32K words. It discusses how Network Solutions intends to issue and revoke Extended Validation Certificates. It did not say how revocation is to be achieved. It spends a lot of time protecting itself. The end user cannot be expected to read it. The end user might be influenced by experts who choose to read it. I won’t be one. They discuss myriad things that might go wrong and the document thus serves as a useful list of security threats. One category is when the certificate holder is replaced by someone who may no longer be trustworthy. There are many variations on this and they try to foresee some and reserve the right to revoke in such cases.

Many (by sample) of the things they protect themselves against are reasonable for no enterprise could be expected to achieve what the declare they will not achieve.

The document ends with a sort of copyright saying that it cannot be copied. That is peculiar—like saying that I cannot have a copy of a contract that I am agreeing to, or that I can’t copy my copy for my lawyer. On the other hand I would not want to pay the lawyer’s fees to produce this document.