[cabfpub] Proposed motion to modify EV domain verification section

Eddy Nigg (StartCom Ltd.) eddy_nigg at startcom.org
Wed May 15 19:09:55 UTC 2013

On 05/15/2013 08:47 PM, From Ben Wilson:
> Domain registration, control, etc., and proper authorization will 
> still be a part of EV. The issue is more about consistency between the 
> Baseline Requirements and the EV Guidelines in one small part of the 
> process. If there is a deficiency that makes anyone think that an EV 
> certificate would no longer be considered "extended," then they should 
> point that out, explain why, and then it should be discussed. In other 
> words, what are the processes currently in use to perform the basic 
> first steps of domain validation for DV, OV, and EV?

Basically DV is what the BR requires at the minimum, OV is an identity 
or organization validation according to the BR + DV, EV is the 
organization validation and domain control/use validation specific to EV 
(as it requires today an interaction with the WHOIS by a CA employee).

> There is no doubt that EV has additional steps over DV and OV, but the 
> latter should be a clear subset of the former.

I'd agree with that, but then we probably should require any of the BR 
domain control validation procedures PLUS the human interaction with the 
WHOIS. That would make it really a subset plus extended.

But of course we are discussing this right now - in my opinion it's the 
browser vendors mostly that have to weigh in on this as I recall this 
particular issue was clearly discussed in the past (IIRC specially at 
Mozilla). If there is no objection from them, we can continue 
considering the implications of such a change.

Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130515/22ecb169/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130515/22ecb169/attachment-0001.p7s>

More information about the Public mailing list