[cabfpub] Updated Validation Working Group’s draft ballot to revise the current BR 3.2.2.4 on domain validation methods
kirk_hall at trendmicro.com
kirk_hall at trendmicro.com
Tue Sep 1 15:24:47 UTC 2015
I realized the draft domain validation ballot I attached with the email below (dated Aug. 28) had an error – it included a Method 10 (where the CA is also the domain registrar) that we didn’t need, because the same method was also added to the end of Method 1.
I removed this Method 10 from the attached draft dated Sept. 1 (but otherwise made no changes). Please review this new draft dated Sept. 1 for your comments on this Thursday’s call.
Kirk
From: Kirk Hall (RD-US)
Sent: Friday, August 28, 2015 10:50 AM
To: CABFPub (public at cabforum.org)
Subject: Validation Working Group’s draft ballot to revise the current BR 3.2.2.4 on domain validation methods
I attach the Validation Working Group’s draft ballot to revise the current BR 3.2.2.4 on domain validation methods for review and discussion at the next Forum teleconference call on Sept. 3. This is not a pre-ballot, but instead is a draft the VWG wants to use to generate comments from the Forum for further consideration. You will see there are a number of “open issues” where we want input from the Members.
The attached draft includes the following Summary of Changes at the start, which is important to help guide the discussion. We welcome all comments.
Summary of changes
The primary purpose of this change is to replace Domain Validation item 7 "Using any other method of confirmation which has at least the same level of assurance as those methods previously described" with a specific list of the approved domain validation methods (including new methods proposed by Members). This ballot also tightens up and clarifies the existing Domain Validation methods 1 through 6. This revised BR 3.2.2.4 describes the methods that CAs may use to confirm domain ownership or control. Other validation methods can be added in the future.
The Validation Working Group believes the domain validation rules should follow the current BR 3.2.2.4 structure as much as possible so the changes are easy to understand, be worded as simply and clearly as possible so as to be easily implemented by CAs worldwide, and should avoid unnecessary complications or additional requirements that don’t address with a realistic security threat. If a Forum Member wants to add any new requirements to these validation methods should be added, the Validation Working Group would prefer that the new requirements be proposed and discussed by separate ballot.
<table class="TM_EMAIL_NOTICE"><tr><td><pre>
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential
and may be subject to copyright or other intellectual property protection.
If you are not the intended recipient, you are not authorized to use or
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
</pre></td></tr></table>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150901/2327b2d7/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: New Domain Validation Draft 9-1-2015 (for CABF consideration).docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 34986 bytes
Desc: New Domain Validation Draft 9-1-2015 (for CABF consideration).docx
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150901/2327b2d7/attachment.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: New Domain Validation Draft 9-1-2015 (for CABF consideration).pdf
Type: application/pdf
Size: 383278 bytes
Desc: New Domain Validation Draft 9-1-2015 (for CABF consideration).pdf
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150901/2327b2d7/attachment-0002.pdf>
More information about the Public
mailing list