[cabfpub] Proposed motion to modify EV domain verification section

Steve Roylance steve.roylance at globalsign.com
Fri May 3 15:22:26 UTC 2013


Hi Yngve.


+1 as this makes good sense and preserves the EV security advantages but
allows us to use the BR breadth of alternatives too.  (It also addresses
Bruce's concern from his recent post)

Steve

On 03/05/2013 13:37, "Yngve N. Pettersen" <yngve at spec-work.net> wrote:

>On Thu, 02 May 2013 21:22:28 +0200, Eddy Nigg (StartCom Ltd.)
><eddy_nigg at startcom.org> wrote:
>
>>
>> On 05/02/2013 09:16 PM, From Rich Smith:
>>>
>>> In the interest of simplifying the EV Guidelines and to allow
>>> uniformity of processes where possible I propose the following
>>> amendment to the EV Guidelines.  I'm looking for two endorsers.
>>>
>>
>> Do you really consider of these to be sufficient for EV?
>
><snip>
>
>Just a general thought: If there is overlap between domain verification
>procedures in the BR and EV, but not complete overlap, with the ones
>outside the overlap being insufficient for EV, perhaps the way forward
>would be to separate the procedures that are common for EV and BR out as
>a  
>separate set of procedures? Then the ones that are not suitable for EV
>can  
>be specified in a separate subsection.
>
>This would of course require editing the BR, as well as the EV
>guidelines,  
>and would likely require a synchronized version release. This would be
>more complex, but would accomplish what is being proposed, without
>reducing the EV security.
>
>-- 
>Sincerely,
>Yngve N. Pettersen
>
>Using Opera's mail client: http://www.opera.com/mail/
>_______________________________________________
>Public mailing list
>Public at cabforum.org
>https://cabforum.org/mailman/listinfo/public





More information about the Public mailing list