[cabfpub] Ballots 202 and 190

Peter Bowen pzb at amzn.com
Wed Jul 19 14:44:11 MST 2017 

This was discussed on the last validation working group call. Jeremy provided a revision to the 3.2.2.4.2 text to try to address this specific issue.

I’ve attached another draft that builds on my previous draft.  Here is the relevant text.  How does this look?

3.2.2.4.4 Email to Constructed Address

Confirm the Applicant's control over the requested Domain Name by (i) sending an email to one or more addresses created by using 'admin', 'administrator', 'webmaster', 'hostmaster', or 'postmaster' as the local part, followed by the at-sign ("@"), followed by an Authorization Domain Name, (ii) including a Random Value in the email, and (iii) receiving a confirming response utilizing the Random Value.

Each email MAY confirm control of multiple Domain Names, provided the Authorization Domain Name used in the email is an Authorization Domain Name for each Domain Name being confirmed

The CA MAY resend an email, fax, SMS, or postal mail that reuses the previously sent Random Value if the communication's entire contents (including the Random Value) and recipient(s) are not changed.  In all other cases, CA MUST use a unique Random Value in each email, fax, SMS, or postal mail

The confirming response MUST be received no more than 30 days after the creation of the Random Value. The CPS MAY specify a shorter validity period for Random Values, in which case the CA MUST follow its CPS.





> On Jul 19, 2017, at 2:23 PM, Curt Spann <cspann at apple.com> wrote:
> 
> Hi Peter,
> 
> I have one question about ballot 190 Section: 3.2.2.4.2:
> Section: 3.2.2.4.2 Email, Fax, SMS, or Postal Mail to Domain Contact
> 
> Text: “The CA MAY send the email, fax, SMS, or postal mail identified under this section to more than one recipient provided that every recipient is identified by the Domain Name Registrar as representing the Domain Name Registrant for every Domain Name being verified using the email, fax, SMS, or postal mail.  
> 
> The Random Value SHALL be unique in each email, fax, SMS, or postal mail.”
> 
> Question: In the case of multiple recipients is this the same email, fax, SMS, postal mail being sent to each recipient individually which means the random value will be the same for all or will the random value be different per recipient?
> 
> Cheers,
> Curt
> 
>> On Jul 16, 2017, at 3:03 PM, Peter Bowen via Public <public at cabforum.org <mailto:public at cabforum.org>> wrote:
>> 
>> Kirk,
>> 
>> One clarification.  My draft of Ballot 190 does not include the changes from 202, rather it assumes the BRs already include the changes in 202.  It is also worth noting that the yellow highlights in the 190 draft are for review purposes only; that are not meant to be in the final BRs.
>> 
>> Thanks,
>> Peter
>> 
>>> On Jul 16, 2017, at 2:07 PM, Kirk Hall via Public <public at cabforum.org <mailto:public at cabforum.org>> wrote:
>>> 
>>> Peter has put together two ballots, Ballot 202 (now in the discussion period, ending Wed.) and 190, and presented them as track changes in the entire BRs.  I have created the attached pdfs that only include the pages with changes (I think – Peter, double check me) for easier review.  Certain changes, like the revision of the important new definition of Authorization Domain Name, affect both ballots.
>>>  
>>> This is an unusual situation – Ballot 202 will likely be voted on first, so Peter has assumed Ballot 202 passes and includes all the 202 changes in his Ballot 190.  So I recommend people start by reviewing 202, and then 190 knowing it includes those changes from 202.
>>>  
>>> I also attach my last version of Ballot 190 v6 so we can make sure 202/190 include all the necessary changes.
>>>  
>>> I have not had time to review these ballots in detail yet, but given how little time we have before voting starts, I encourage others to review them quickly and forward any questions / comments.  Because this affects domain validation rules, we want to make sure we get this right.
>>> <Ballot 202 (PB 7-13-2017) CA-Browser Forum BR 1.4.10 draft.pdf><Ballot 190 (PB 7-13-2017) CA-Browser Forum BR 1.4.10 draft with 182bis.pdf><Ballot 190 v6 (7-6-2017).pdf>_______________________________________________
>>> Public mailing list
>>> Public at cabforum.org <mailto:Public at cabforum.org>
>>> https://cabforum.org/mailman/listinfo/public <https://cabforum.org/mailman/listinfo/public>
>> 
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org <mailto:Public at cabforum.org>
>> https://cabforum.org/mailman/listinfo/public <https://cabforum.org/mailman/listinfo/public>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170719/d2495a95/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CA-Browser Forum BR 1.4.10 draft with 182bis.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 175859 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/public/attachments/20170719/d2495a95/attachment-0001.docx>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170719/d2495a95/attachment-0003.html>

More information about the Public mailing list