[cabfpub] Ballot 169 problem report

Robin Alden robin at comodo.com
Thu Sep 8 09:51:07 UTC 2016


Thanks, Mads.



I agree.  I’ll try to get round to posting a ballot for an update.

I think as we start to implement the new methods we may pick out other minor
niggles like this.


Robin





From: Mads Egil Henriksveen [mailto:Mads.Henriksveen at buypass.no]
Sent: 08 September 2016 07:13
To: Robin Alden <robin at comodo.com>; CABFPub <public at cabforum.org>
Subject: RE: [cabfpub] Ballot 169 problem report



Hi Robin



I noticed this and mentioned it at time of voting - see attachment.



I think we should change the reference points to 4.2.1.



Regards

Mads



From: public-bounces at cabforum.org <mailto:public-bounces at cabforum.org>
[mailto:public-bounces at cabforum.org] On Behalf Of Robin Alden
Sent: 7. september 2016 15:37
To: CABFPub
Subject: [cabfpub] Ballot 169 problem report



Ballot 169 - “Revised Validation Requirements” introduced text into
section 3.2.2.4 which refers to section 3.3.1.



“3.2.2.4

…

Completed confirmations of Applicant authority may be valid for the issuance
of multiple certificates over time. In all cases, the confirmation must have
been initiated within the time period specified in the relevant requirement
(such as Section 3.3.1 of this document) prior to certificate issuance. For
purposes of domain validation, the term Applicant includes the Applicant's
Parent Company, Subsidiary Company, or Affiliate.

…“



Section 3.3.1 of the BRs now consists only of the section heading, with no
body text.

“3.3.1. Identification and Authentication for Routine Re‐key”



The text which was at 3.3.1 in the guidelines when we started working on
what became ballot 169 read:

Section 6.3.2 limits the validity period of Subscriber Certificates. The CA
MAY use the documents and data

provided in Section 3.2 to verify certificate information, provided that the
CA obtained the data or document

from a source specified under Section 3.2 no more than thirty‐nine (39)
months prior to issuing the

Certificate.

(taken from version 1.3.0 of the BRs)



That text now appears as the third paragraph of 4.2.1 (Performing
Identification and Authentication Functions)



Should we move that text back into 3.3.1, or should we change 3.2.2.4 so
that the reference points to 4.2.1 instead of pointing to 3.3.1?



Regards
Robin Alden

Comodo



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160908/9f9726c4/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5152 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160908/9f9726c4/attachment-0001.p7s>


More information about the Public mailing list