[cabfpub] [EXTERNAL]Re: Ballot 190 - Recording BR Version Number
Ben Wilson
ben.wilson at digicert.com
Tue Aug 1 16:27:49 UTC 2017
There are two sides to this - one is with the CAs, where they record what
method was used, and the other is at the CA/Browser Forum level, where someone
maintains a chart, or whatever, of validation methods in effect, and
historically which ones were effective during which periods.
-----Original Message-----
From: Gervase Markham [mailto:gerv at mozilla.org]
Sent: Tuesday, August 1, 2017 10:06 AM
To: Ben Wilson <ben.wilson at digicert.com>; CA/Browser Forum Public Discussion
List <public at cabforum.org>; Kirk Hall <Kirk.Hall at entrustdatacard.com>
Subject: Re: [cabfpub] [EXTERNAL]Re: Ballot 190 - Recording BR Version Number
On 01/08/17 17:00, Ben Wilson wrote:
> Are we talking about what the CA records in its database for the
> validation method used, or are we talking about annotating the BRs
> with a record of when a change was made?
I am raising the problem that if there is a list of changes made and it goes
out of sync with reality, then what do I, at Mozilla, do if a CA says "well, I
didn't realise that change had been made because it wasn't added to the
official list"?
There should be one and exactly one method of knowing when changes are made.
Earlier, although perhaps not in this thread, someone suggested independent
version numbers for each of the methods. That has a similar issue - there
should be one and exactly one method of recording what validation method was
used.
Gerv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4974 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170801/3f4d514a/attachment-0003.p7s>
More information about the Public
mailing list