[cabfpub] Fwd: [cabfquest] CAB Forum WG Draft

Ryan Sleevi sleevi at google.com
Thu Apr 14 16:28:53 UTC 2016

---------- Forwarded message ----------
From: Kane York <kanepyork at gmail.com>
Date: Wed, Apr 13, 2016 at 6:59 PM
Subject: Re: [cabfquest] [cabfpub] CAB Forum WG Draft
To: questions at cabforum.org

Proofreading comments.

> The Random Value MUST be sent to an email address, fax/SMS number, or
postal mail address identified by the Domain Contact.

How is the Domain Contact supposed to identify these points of contact?
Should copy the language from below: "identified by the Domain Name
Registrar as the Domain Contact."

> The Random Value SHALL remain valid for use in a confirming response for
no more than 30 days from its creation.

I think it's worth specifying that a Certificate Practice Statement MAY
specify a lower validity period.

> under "/.well-known/pki-validation" directory

under the "/.well-known/pki-validation" directory

> and SHALL not use the Random Value after (i) 30 days

What the heck does this mean?

> Definition. Authorization Domain Name.
> If the FQDN starts with a wildcard character,

"if the Domain Name is a Wildcard Domain Name" ?

~Kane York
Issuance Software Engineer at Let's Encrypt

Questions mailing list
Questions at cabforum.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160414/6c6670fe/attachment-0002.html>

More information about the Public mailing list