What is the point of encryption if you don't know who for?
IS THERE SUCH A THING AS 100% SECURITY?
Is entity authentication the answer to achieve 100% security?
The answer is no, as 100% security does not exist! Any security related process or product is vulnerable! Security is about "risk mitigation".
Can the validation systems we have in place today be fooled or circumvented? Yes they can, but is this a reason to abolish them? Of course not! It's rather like saying, because our doors within our homes can be broken, let's remove them completely! It's ridiculous to even suggest this. What we need is even more security processes, products and service to secure ourselves. Removing what little protection we have is, irresponsible, short sighted and wrong!
Low Assurance SSL provides little of any value and this is often reflected in its low price.
The organizations offering Low Assurance SSL should immediately increase the level of validation they perform and work to identify better and stronger forms of entity authentication. Certification authorities should raise the bar, not lower the bar.
An entity obtaining a fully validated High Assurance SSL certificate for use in committing fraud would leave an audit trail. Law Enforcement authorities would have more chance to secure a conviction.