[cabfpub] For discussion: Restricting the use of file-based demonstrations of control
rob.stradling at comodo.com
Mon Jun 2 14:15:37 UTC 2014
On 02/06/14 14:47, Ryan Sleevi wrote:
> In practice, we tend to see filesystem-based verifications result in
> files being left on the root system, perhaps indefinitely. Additionally,
> enumerating file names - even without their contents - is also a fairly
> common attack.
Ryan, how about if the authorized CA was permitted to use each CSR hash
value as a demonstration of control a maximum of _once_?
Senior Research & Development Scientist
COMODO - Creating Trust Online