[cabfpub] CNAME-based validation

Jeremy Rowley jeremy.rowley at digicert.com
Fri Sep 2 14:26:17 MST 2016


I realized after reviewing my proposal that it will require a new method
under the domain validation section. Therefore, I'm proposing we add the
following as a new permitted method for domain validation:

 

Add the following as Section 3.2.2.4.11:

 

Confirming the Applicant's control over the requested FQDN by appending a
Random Value or Request Token as a sub domain to an Authorization Domain
Name and pointing the CNAME record of the created sub domain to a FQDN
verified by the CA using one of methods permitted under Section 3.2.2.4

 

Looking for two endorsers.

 

Jeremy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20160902/a68d5bc7/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4964 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20160902/a68d5bc7/attachment.bin 


More information about the Public mailing list