[cabfpub] Final Domain Validation Methods pre-ballot for Forum consideration
sleevi at google.com
Thu Oct 15 12:12:46 MST 2015
Reposting on behalf of Peter Bowen
Thank you and all the validation working group members for publishing this
draft. I think these changes will overall strengthen the validation
However, I think two of the new methods might have .
In Item J, it suggests that the random token is only valid for a FQDN
validation. I think DNS validation should be allowed for domain
hierarchies in addition to specific FQDNs. A domain registrant should be
able to choose to approve all FQDNs under corp.example.com by adding a
record for corp.example.com.
Conversely, in item K, using Authorization Domain seems in appropriate.
Just because I control the IP address of corp.example.com doesn't mean I
have control payments.corp.example.com.
I hope that the VWG considers this feedback for the next draft.
On Thu, Sep 10, 2015 at 5:27 PM, kirk_hall at trendmicro.com <
kirk_hall at trendmicro.com> wrote:
> The Validation Working Group (VWG) met this morning to discuss the
> remaining issues in our final Domain Validation Methods pre-ballot.
> The only open issue after the Forum discussed the last draft (dated Sept.
> 1) on last week’s call was which ports to list as “Authorized Ports” for
> the practical demonstration methods. While we had some good input from
> members, in the end the VWG decided not to change the current definition of
> Authorized Ports from the last draft, which reads as follows:
> *Authorized Port: *One of the following ports: 80 (http), 443 (http),
> 115 (sftp), 25 (smtp), 22 (ssh).
> I also modified the language for revised Method 1 in Line C to make it
> clearer and correct the references to the EV Guidelines, but otherwise not
> make any substantive changes.
> *Dean* – can you put this revised draft domain validation ballot (dated
> Sept. 10) on the Agenda for the next CA-Browser Forum call on Sept. 17?
> Depending on the discussion at that time, the VWG will either bring the
> draft ballot back to the working group for further work, or present it as
> an actual ballot for review and voting by the Forum later this month.
> TREND MICRO EMAIL NOTICE
> The information contained in this email and any attachments is confidential
> and may be subject to copyright or other intellectual property protection.
> If you are not the intended recipient, you are not authorized to use or
> disclose this information, and we request that you notify us by reply mail or
> telephone and delete the original message from your mail system.
> Public mailing list
> Public at cabforum.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public