[cabfpub] Continuing the discussion on CAA
Ryan Sleevi
sleevi at google.com
Mon Oct 24 13:41:19 MST 2016
On Mon, Oct 24, 2016 at 1:38 PM, Kirk Hall <Kirk.Hall at entrustdatacard.com>
wrote:
> Ryan, this discussion is happening on the Public list, and members of the
> public were not at our meeting.
>
Which is why minutes of our phone calls and meetings are so important.
> So please drop your quibbling, and just restate whatever evidence you
> have – on the Public list, so everyone can evaluate it – that CAA would
> have prevented any known misissuance of certificates to a fraudster not
> associated with the certificate applicant.
>
It looks like the paragraph beginning "In the case of Google domains, we
went " may have been dropped, so I've provided it again for you, in the
hopes it might make it through this time, and your memory might be jogged.
"In the case of Google domains, we went and added CAA records to our
properties, which has prevented unauthorized issuance. I was precise in my
terminology here - unauthorized - because it's not authorized by the domain
holder, even if it's valid according to the language of Section 3.2.2.4"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20161024/dce292aa/attachment.html>
More information about the Public
mailing list