[cabfpub] Ballot 187 - Make CAA Checking Mandatory
sleevi at google.com
Tue Feb 28 18:11:41 UTC 2017
On Tue, Feb 28, 2017 at 5:44 AM, philliph--- via Public <public at cabforum.org
> 'Machine readable CPS' was suggested in the 90s, its an AI complete
This is not accurate for the problem described. Further, machine readable
PDFs (since it does seem the industry has normalized on PDFs) is quite an
easy problem; I know of many projects which are automatically generating
code from specification PDFs - whether they be the TPM module specification
or the x86 instruction set - so these are demonstrations of the same
problems being solved with a few hours of engineering, rather than being AI
> I think what was meant is mapping from the domain name to the set of roots
> permitted to issue. That is not an issue for IETF, could be for CABForum or
> for root programs.
No, what is meant is the opposite - a mapping between the logical
organization and the domain name(s) it recognizes it.
The customer relationship is with the organization, not the root or key.
The desire is to find a way for a customer to express "I am using this
organization to issue/manage my certificates", and from there, discern the
appropriate domain name value.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public