[cabfcert_policy] Conflict Merging Master into ClarifyCADefinition

Dimitris Zacharopoulos jimmy at it.auth.gr
Thu May 31 09:21:29 MST 2018 

Here is a slightly improved version.

Dimitris.

On 31/5/2018 7:13 μμ, Dimitris Zacharopoulos wrote:
>
>
> On 18/5/2018 11:31 πμ, Dimitris Zacharopoulos wrote:
>> On 17/5/2018 8:01 μμ, Ben Wilson wrote:
>>> I got some help taking a look at the GitHUb branch we've been 
>>> working on.  Before I can merge Master into ClarifyCADefinition, we 
>>> need to resolve one conflict:
>>>
>>>
>>>
>>> ##### 3.2.2.4.1 Validating the Applicant as a Domain Contact
>>>
>>>
>>>
>>> Confirming the Applicant's control over the FQDN by validating the 
>>> Applicant is the Domain Contact directly with the Domain Name 
>>> Registrar. This method may only be used if:
>>>
>>> 1.            The CA authenticates the Applicant's identity under BR 
>>> Section 3.2.2.1 and the authority of the Applicant Representative 
>>> under BR Section 3.2.5, OR
>>>
>>> 2.            The CA authenticates the Applicant's identity under EV 
>>> Guidelines Section 11.2 and the agency of the Certificate Approver 
>>> under EV Guidelines Section 11.8; OR
>>>
>>> <<<<<<< ClarifyCADefinition
>>>
>>> 3.            The TSP also operates the Domain Name Registrar, or is 
>>> an Affiliate of the Registrar, of the Base Domain Name.
>>>
>>> Note: Once the FQDN has been validated using this method, the CA MAY 
>>> also issue Certificates for other FQDNs that end with all the labels 
>>> of the validated FQDN.  This method is suitable for validating 
>>> Wildcard Domain Names.
>>>
>>> =======
>>>
>>> 3.            The CA is also the Domain Name Registrar, or an 
>>> Affiliate of the Registrar, of the Base Domain Name.
>>>
>>> Note: Once the FQDN has been validated using this method, the CA MAY 
>>> also issue Certificates for other FQDNs that end with all the labels 
>>> of the validated FQDN. This method is suitable for validating 
>>> Wildcard Domain Names. For certificates issued on or after August 1, 
>>> 2018, this method SHALL NOT be used for validation, and completed 
>>> validations using this method SHALL NOT be used for the issuance of 
>>> certificates.
>>>
>>
>> It's funny that we have to resolve this conflict for one of the 
>> to-be-deprecated methods :)
>>
>> Anyway, I was able to resolve the conflict and created a 
>> conflict-free branch (ClarifyCADefinition2) on GitHub. Here is the 
>> pull request that displays the proposed changes to the current 
>> Baseline Requirements (1.5.7).
>>
>> https://github.com/cabforum/documents/pull/95/files#diff-7f6d14a20e7f3beb696b45e1bf8196f2 
>>
>>
>>
>> Dimitris.
>> _______________________________________________
>> Policyreview mailing list
>> Policyreview at cabforum.org
>> https://cabforum.org/mailman/listinfo/policyreview
>>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: [Compare New] documents_BR.md at 6a498481afcec67e1a6f7f966ee00ebb5bb33dc0 ? cabforum_documents ? GitHub.pdf
Type: application/pdf
Size: 1117556 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/policyreview/attachments/20180531/f004ca04/attachment-0001.pdf>

More information about the Policyreview mailing list