[cabfpub] CAA (was RE: Domain Control Validation)
ben.wilson at digicert.com
Mon Aug 25 13:29:02 MST 2014
Good points. Thanks.
From: Chris Palmer [mailto:palmer at google.com]
Sent: Monday, August 25, 2014 2:25 PM
To: Ben Wilson
Subject: Re: [cabfpub] CAA (was RE: Domain Control Validation)
On Mon, Aug 25, 2014 at 1:19 PM, Ben Wilson <ben.wilson at digicert.com> wrote:
> Ben W. said, “if the CA gives the applicant a code that they need to
> put in the TXT record, and that happens,” and
> Ryan S. replied, “I think a CA-generated code with the DNS admin
> placing it is equivalent to mechanisms 1-6 for control demonstration purposes”.
> I think we ought to allow this as another method of confirming domain
> control for purposes of EV.
You'd want to also specify time-limits, one-time-use, and non-replayability for the token.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4998 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20140825/0b33ca03/attachment.bin
More information about the Public