[cabfpub] [EXTERNAL] Forbid DTPs from doing Domain/IP Ownership Validation ballot draft

Peter Bowen pzb at amzn.com
Thu Apr 27 14:13:45 UTC 2017

> On Apr 26, 2017, at 3:05 PM, Kirk Hall via Public <public at cabforum.org> wrote:
> Gerv, I’m late to the discussion on this.  By can you start at the beginning, and explain why you believe DTPs should not be permitted to perform domain validation under any circumstances?


My view is that this isn’t about DTPs.  This is about simplification of the BRs, which we can all agree are very long and complex.  I have not heard anyone speak up and say that they are using DTPs for domain validation.  I would even take it a step further and suggest that we consider removing the DTP language all together, leaving only constrained RAs.  This would avoid a lot of and conditional requirements.

I think the key issue is whether anyone is still depending on independently audited DTPs or if all external validation is only in the constrained/Enterprise RA context.


More information about the Public mailing list