[cabfpub] Proposed motion to modify EV domain verification section
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Thu May 2 13:07:30 MST 2013
On 05/02/2013 10:59 PM, From Rich Smith:
>
>
> I absolutely consider the methods you quoted far more sufficient than
> simply looking at WHOIS information. It is well known that the domain
> registrars, with a few possible exceptions, do absolutely no vetting
> of the information contained in WHOIS so just looking at WHOIS for
> MYFAKEMICROSOFT.COM and seeing Microsoft's name and address in the
> Registrant details is completely useless as any kind of actual
> verification of anything except that the actual domain owner knows how
> to look up a company's address.
>
That's correct - the idea by looking at the WHOIS records is probably to
confirm that the same name that was verified means control/ownership
over it. But not that s my point, but the fact that a human is involved
in between for final confirmation - for example StartCom does domain
control validation aka BR and WHOIS confirmation aka EV for EV certs. In
my opinion probably the best approach for high assurance certs.
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20130502/c18cdecf/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20130502/c18cdecf/attachment.bin
More information about the Public
mailing list