[cabfpub] EV Wildcards

Dean Coclin Dean_Coclin at symantec.com
Fri May 22 21:24:58 UTC 2015

I'm totally open to having this discussion and I think it's best done at the 
face to face so I'll put additional time for this session.


-----Original Message-----
From: Gervase Markham [mailto:gerv at mozilla.org]
Sent: Friday, May 22, 2015 4:53 AM
To: Ryan Sleevi; Dean Coclin
Cc: CABFPub (public at cabforum.org)
Subject: Re: [cabfpub] EV Wildcards

On 22/05/15 02:27, Ryan Sleevi wrote:
> As we discussed on the past week's call, I think it's very important
> to have the discussion first about what the information in the
> certificate is supposed to represent, before we can have any truly
> meaningful discussion about EV wildcards.

I think that's true. And also, to continue to use cloud providers as an 
example, if we pick "just the cloud provider" or we pick "just the site 
operator", then we have to say how we prevent the other party getting a cert. 
Do we do it by restricting the validation methods, or by adding an extra check 
by the CA, or by requiring the applicant to assert their role in contract, or 
a different way altogether?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6130 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150522/6d9f4308/attachment-0001.p7s>

More information about the Public mailing list