[cabfpub] CAA (was RE: Domain Control Validation)

Ben Wilson ben.wilson at digicert.com
Mon Aug 25 13:19:31 MST 2014

On Aug 25, 2014, 

Ben W. said, “if the CA gives the applicant a code that they need to put in the TXT record, and that happens,” and 

Ryan S. replied, “I think a CA-generated code with the DNS admin placing it is equivalent to mechanisms 1-6 for control demonstration purposes”. 

I think we ought to allow this as another method of confirming domain control for purposes of EV.

What do others think?  Even though this would be added to section 11.1.1 of the BRs, it currently is an EV issue because of the wording in EVG 11.6.1(1), so would this be something to add to the EV Working Group’s issues list?  If so, I’ll move this discussion over to the EV Working Group.  Also, if you are interested in word-smithing a ballot proposal, let me know.  



-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20140825/4d444f74/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4998 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20140825/4d444f74/attachment.bin 

More information about the Public mailing list