[cabfpub] "Domain Name Registrar"

Geoff Keating geoffk at apple.com
Mon Aug 1 19:13:54 UTC 2016


> On 1 Aug. 2016, at 9:52 am, Peter Bowen <pzb at amzn.com> wrote:
> 
> I’m familiar with the two sections.  However I’m not clear on the rules for what goes where.

I think it’s not really a bright-line situation.  And, importantly, not one that really matters for the purpose of certificate issuance; no matter how you do it, you need to check that the domain is authorized all the way back to the root, whether that’s by consulting an IANA list or whois or whatever; the classification of registrars is just so you don’t have to keep verifying “yes, Verisign still runs .com just as it did 30 seconds ago for the previous domain”.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3321 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160801/0b63579a/attachment-0001.p7s>


More information about the Public mailing list