[cabfpub] Ballot 169 - Revised Validation Requirements

Ryan Sleevi sleevi at google.com
Thu Jul 28 11:12:13 MST 2016 

Yup, thanks :)

On Thu, Jul 28, 2016 at 8:33 AM, Peter Bowen <pzb at amzn.com> wrote:

>
> > On Jul 22, 2016, at 11:25 AM, Ryan Sleevi <sleevi at google.com> wrote:
> >
> > Regrettably, despite multiple readings throughout this, I appear to have
> missed some things in the definitions.
> >
> > I'm mostly hoping for clarification, as it might simply be wording
> issues that can be corrected without changing the substance or intent of
> the ballot.
> >
> > On Fri, Jul 22, 2016 at 11:06 AM, Ben Wilson <ben.wilson at digicert.com>
> wrote:
> >
> > Base Domain Name: The portion of an applied-for FQDN that is the first
> domain name node left of a registry-controlled or public suffix plus the
> registry-controlled or public suffix (e.g. "example.co.uk" or "example.com").
> For gTLDs, the domain www.[gTLD] will be considered to be a Base Domain.
> >
> >
> > Why the "For gTLDs" clause? Is "www.[gTLD]" reserved by ICANN? Is this
> meant as a clause for Spec-13 situations? For example, as I read it, if
> Google wanted to get a certificate for "foo.google", the combined
> definition of "Authorization Domain Name" and "Base Domain Name" would
> potentially prohibit this - that is, as worded, it suggests "For gTLDs" is
> mutually exclusive with the preceding sentence.
> >
> > I'm unclear if this was meant to be "will also be" - but if so, it's
> unclear why the gTLD case isn't handled previously. Is it meant to permit
> the WHOIS lookups for such spec-13 gTLDs? If so, it would only be necessary
> if you're applying for a bare certificate (either "*.[gTLD]" or [gTLD], and
> the latter is either prohibited or strongly-discouraged per ICANN SSAC on
> single-label hosts)
> >
> > QUESTION: Can someone explain the context/intent of this clause?
> > SUGGESTION: Can this clause be removed? Would the addition of the word
> "also" change the semantic meaning or interpretation?
>
> You are correct that the second sentence is confusing and unnecessary.  I
> would propose that the definition be changed to read:
>
> "Base Domain Name: The portion of an applied-for FQDN that is the first
> domain name node left of a registry-controlled or public suffix plus the
> registry-controlled or public suffix (e.g. "example.co.uk" or "example.com").
> For FQDNs where the right most domain name node is a gTLD having ICANN
> specification 13 in its registry agreement, gTLD itself may be used as the
> base domain name."
>
> Thanks,
> Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20160728/5fe1a7ce/attachment.html

More information about the Public mailing list