<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:347567730;
mso-list-template-ids:-1512507262;}
@list l1
{mso-list-id:480461861;
mso-list-type:hybrid;
mso-list-template-ids:313928148 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l1:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l1:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l1:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l2
{mso-list-id:717435266;
mso-list-type:hybrid;
mso-list-template-ids:-247711288 778313006 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l2:level1
{mso-level-start-at:6;
mso-level-number-format:bullet;
mso-level-text:-;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Calibri",sans-serif;
mso-fareast-font-family:Calibri;
mso-bidi-font-family:"Times New Roman";}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white lang=EN-US link="#0563C1" vlink="#954F72"><div class=WordSection1><p class=MsoNormal style='margin-bottom:12.0pt'><br>This is excellent work and helps people understand each method a lot better.<br><span style='color:windowtext'>- Thanks! Let me know if you disagree with anything. <o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'>"The CA MUST record the subsection and version of the Baseline Requirements used to validate an Applicant’s control over each FQDN included in an issued certificate" <br>When is this expected to become effective?<br><span style='color:windowtext'>- Immediately after the IPR period expires<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'>In methods 3.2.2.4.1, 3.2.2.4.2, 3.2.2.4.3, b (2), you say that the CA must verify that the WHOIS information for the Base Domain has not changed since the CA performed the verification process. Is this the WHOIS information record itself or should CAs be looking for the Domain Contact to appear in the WHOIS record? I'm asking because some WHOIS databases do not release Domain Contact information and CAs require an official document from the Domain Registrar that contains information about the domain owner and contacts for the initial domain validation.<br><span style='color:windowtext'>- Right now the time period in that section specifies the Domain language 825 days so it’s identical to the verification period. I put this in explicitly in case we wanted to reduce the period to of WHOIS re-confirmation to a lesser period (such as 90 days?). It should have said WHOIS or Domain Registrar though instead of just WHOIS. I also don’t mind dropping bullet point 2 if everyone is opposed to a WHOIS/Domain Registrar refresh.<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'>For example, this is the WHOIS record for example.gr:<span style='font-size:12.0pt'><o:p></o:p></span></p><table class=MsoNormalTable border=0 cellpadding=0 width=332 style='width:249.0pt'><tr><td width="72%" style='width:72.0%;padding:.6pt .6pt .6pt .6pt'><p class=MsoNormal>Domain Name:example.gr<br>Domain Handle:dr-1234-gr<br>Protocol Number:1234<br>Creation Date:24-07-1997<br>Expiration Date:31-12-2017<br>Updated Date:05-11-2015<br>Registrar:FOO<br>Registrar Referral URL:<a href="http://www.FOO.gr">http://www.FOO.gr</a><br>Registrar <a href="mailto:Email:registrar@FOO.gr">Email:registrar@FOO.gr</a><br>Registrar Telephone:+30.123456<br>Whois Server: <br>Bundle Name:example.gr<br>Name Server:XXXX.example.gr<br>Name Server:XXXXXX.example.gr<o:p></o:p></p></td></tr></table><p class=MsoNormal style='margin-bottom:12.0pt'><br>According to your proposal, CAs only need to check if the record above has not changed?<br><span style='color:windowtext'>- Yes. That is the point of bullet point 2. To try and address issues where domain ownership may have changed.<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'><br>Also, there is a small typo in the 3rd paragraph of 3.2.2.4.2 a (FQNs --> FQDNs).<br><span style='color:windowtext'>- Thanks!</span><br><br><span style='font-size:10.0pt;font-family:"Courier New"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p></div></body></html>