[cabfpub] Pre-ballot for Ballot 190
gerv at mozilla.org
Fri Jun 30 18:00:50 MST 2017
On 29/06/17 11:51, Ryan Sleevi via Public wrote:
> My concrete suggestion: Remove the entire "Note" section to avoid the
> hopefully unintentional ambiguity. This same probably, notably, persists
> through every "Note" being introduced - in the effort of trying to
> introduce clarity, it actually introduces conflicting language that
> either disagrees with the definition of ADN, or redefines it.
I think the Note sections make (reasonably) clear what was implicit but
unclear in previous versions, and so are helpful. Unless you think
that's not true, and they make normative changes (if so, what exactly?)
then it would be useful if you were to suggest a form of words which
expresses what we all know we are trying to say.
> Finally, in considering the proposed changes to 4.2.1, it's worth noting
> that the provision beginning "After the change to any validation method"
> - as worded, this would permit CAs to continue to use the "Any other
> method" of validation for another three years. Is it intentional that,
> after nearly 3 years of discussion, CAs are still permitted to use
> insecure validations?
At the moment, many CAs are technically using "any other method"
validations to use validation methods which correspond to some of the
ones we are reintroducing but which are not currently in the document.
Do you have a way we can distinguish, in text, between that situation
and the situation where a CA has just made up some random method?
Additionally, some of the methods currently documented were "any other
method" methods before we expanded the list. Again, do you have a way to
distinguish? Particularly as they might have been exactly the same as
that now documented, or different in one or more particulars. How do we
decide what's material?
More information about the Public