[cabfpub] CNAME-based validation

Jeremy Rowley jeremy.rowley at digicert.com
Fri Sep 2 21:26:17 UTC 2016


I realized after reviewing my proposal that it will require a new method
under the domain validation section. Therefore, I'm proposing we add the
following as a new permitted method for domain validation:

 

Add the following as Section 3.2.2.4.11:

 

Confirming the Applicant's control over the requested FQDN by appending a
Random Value or Request Token as a sub domain to an Authorization Domain
Name and pointing the CNAME record of the created sub domain to a FQDN
verified by the CA using one of methods permitted under Section 3.2.2.4

 

Looking for two endorsers.

 

Jeremy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160902/a68d5bc7/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4964 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160902/a68d5bc7/attachment.p7s>


More information about the Public mailing list