<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal">I realized the draft domain validation ballot I attached with the email below (dated Aug. 28) had an error – it included a Method 10 (where the CA is also the domain registrar) that we didn’t need, because the same method was also added
to the end of Method 1. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I removed this Method 10 from the attached draft dated Sept. 1 (but otherwise made no changes). Please review this new draft dated Sept. 1 for your comments on this Thursday’s call.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Kirk<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Kirk Hall (RD-US) <br>
<b>Sent:</b> Friday, August 28, 2015 10:50 AM<br>
<b>To:</b> CABFPub (public@cabforum.org)<br>
<b>Subject:</b> Validation Working Group’s draft ballot to revise the current BR 3.2.2.4 on domain validation methods
<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I attach the Validation Working Group’s draft ballot to revise the current BR 3.2.2.4 on domain validation methods for review and discussion at the next Forum teleconference call on Sept. 3. This is not a pre-ballot, but instead is a draft
the VWG wants to use to generate comments from the Forum for further consideration. You will see there are a number of “open issues” where we want input from the Members.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The attached draft includes the following Summary of Changes at the start, which is important to help guide the discussion. We welcome all comments.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:2.0pt;margin-right:0in;margin-bottom:2.0pt;margin-left:.5in">
<b>Summary of changes<o:p></o:p></b></p>
<p class="MsoNormal" style="mso-margin-top-alt:2.0pt;margin-right:0in;margin-bottom:2.0pt;margin-left:.5in">
The primary purpose of this change is to replace Domain Validation item 7 "Using any other method of confirmation which has at least the same level of assurance as those methods previously described" with a specific list of the approved domain validation methods
(including new methods proposed by Members). This ballot also tightens up and clarifies the existing Domain Validation methods 1 through 6. This revised BR 3.2.2.4 describes the methods that CAs may use to confirm domain ownership or control. Other validation
methods can be added in the future.<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:2.0pt;margin-right:0in;margin-bottom:2.0pt;margin-left:.5in">
<o:p> </o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:2.0pt;margin-right:0in;margin-bottom:2.0pt;margin-left:.5in">
The Validation Working Group believes the domain validation rules should follow the current BR 3.2.2.4 structure as much as possible so the changes are easy to understand, be worded as simply and clearly as possible so as to be easily implemented by CAs worldwide,
and should avoid unnecessary complications or additional requirements that don’t address with a realistic security threat. If a Forum Member wants to add any new requirements to these validation methods should be added, the Validation Working Group would
prefer that the new requirements be proposed and discussed by separate ballot.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>
<table><tr><td bgcolor=#ffffff><font color=#000000><pre><table class="TM_EMAIL_NOTICE"><tr><td><pre>
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential
and may be subject to copyright or other intellectual property protection.
If you are not the intended recipient, you are not authorized to use or
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
</pre></td></tr></table></pre></font></td></tr></table>