[cabfpub] Domain validation

Thu Apr 16 16:36:52 UTC 2015

This is an awfully subjective argument.

Per the last WHOIS accuracy report from ICANN, email is accurate 90% of the time. Telephone is accurate about 75% of the time. Although I don't have numbers on this part, I suspect the number of servers with a compromised well-known directory is well below this threshold.

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Anoosh Saboori
Sent: Thursday, April 16, 2015 10:07 AM
To: Eddy Nigg; public at cabforum.org
Subject: Re: [cabfpub] Domain validation

I agree. It takes me back to my original comment: #6 (storing a random value under a well-known folder) is not at par with other methods outlined in this section.

From: public-bounces at cabforum.org<mailto:public-bounces at cabforum.org> [mailto:public-bounces at cabforum.org] On Behalf Of Eddy Nigg
Sent: Thursday, April 16, 2015 8:51 AM
To: public at cabforum.org<mailto:public at cabforum.org>
Subject: Re: [cabfpub] Domain validation

On 04/16/2015 06:45 PM, Eddy Nigg wrote:

On 04/16/2015 06:42 PM, Jeremy Rowley wrote:
But they are rarely updated and often inaccurate.

Well, if they don't match your records than they can update it to make it correct. This also confirms that they really control the domain :-)

Anyway, the WHOIS records I find are more correct than not or they are obscured (privacy).

Besides that, email addresses found in the WHOIS records can't be really incorrect I assume...which is the only thing used for a domain control validation.
--
Regards

Signer:

Eddy Nigg, COO/CTO

StartCom Ltd.<http://www.startcom.org>

XMPP:

startcom at startcom.org<xmpp:startcom at startcom.org>

Blog:

Join the Revolution!<http://blog.startcom.org>

Twitter:

Follow Me<http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150416/375280bc/attachment-0003.html>