Sorry what I meant is proving control of the domain by the specified legal entity.
If I apply for an ev cert for ACME Inc to use on acme.com and have "ACME Inc" as the registered owner in Whois, does that satisfy the domain control check?
EV doesn't necessarily promise "this company owns this domain", does it? I thought it says "the certificate holder is this company" + "the certificate holder controls this domain" (which is the standard DV check).
Which is all I want, anyway. If I'm typing my Bank of America login info, I care that it's being encrypted to a private key in Bank of America's control, and it doesn't really matter if that happens through a DNS name registered to Bank of America or not. It would be weird if it didn't, but it wouldn't inherently impact my security if the key was still BoA's.
Yes, your understanding is correct, though a CA can use domain ownership to skip DV checks (if you validate requester is X Inc and X Inc is listed in WHOIS, no DCV needed).
Understood, but that's still not correct. Whois is Only used for proving control by whatever contact is mentioned in Whois. The company name in Whois isn't used for EV verification of legal entities at all.
If I apply for an ev cert for ACME Inc to use on acme.com and have "ACME Inc" as the registered owner in Whois, does that satisfy the domain control check?