[cabfpub] Domain validation

Ryan Sleevi sleevi at google.com
Mon May 15 15:54:30 MST 2017 

Jeremy,

I think the trend has been to try to keep revisions simple - so that we
don't introduce any unintentional scope. Could you expand on the reasoning
for coupling these? As we saw with Ballot 193/197, it seems like it makes
it more error prone.

You posed it as a ballot, so it makes it hard to comment on line items
(Using word to "track changes" is not a very publicly accountable or
managable process), but I'm hoping to better understand.

Could you
1) Highlight what you believe are inconsistencies in the existing language?
2) Highlight why you believe there are differences between subdomains and
authorized domain names?


On Mon, May 15, 2017 at 4:41 PM, Jeremy Rowley via Public <
public at cabforum.org> wrote:

> While working on implementing the methods defined by ballot 169, we
> noticed a lot of inconsistencies in the language and process. This made
> some of the methods confusing, especially on how they applied to reuse of
> information and verification of subdomains/wildcards.  Attached is a
> proposal that we think clarifies the process and tightens up the language.
>
>
>
> A couple of notes:
>
>    1. The proposal doesn’t intend to substantially change any of the
>    methods. However, this is DigiCert’s interpretation of the requirements.
>    Given the previous language, disagreement on the interpretation is likely
>    and will highlight the need for a clarifying ballot.
>    2. This method doesn’t necessarily replace 190. If longer discussion
>    is needed (because there are lots of changes), then this could be a
>    subsequent revision to the validation methods and include more stringent
>    controls (like reverifying WHOIS information within 30 days and restricting
>    sub-domain methods). For now, I tried to keep the process and reuse the
>    same.
>    3. The proposal separates out sub domain reuse, reuse of
>    documentation, and splits the longer methods into discrete steps.  There
>    are lots of redundant sections. This is intentional. The goal is to
>    (eventually) talk about each method discretely and decide what requirements
>    are tied to document reuse and sub-domain validation.
>
>
>
> Look forward to your comments.
>
>
>
> Jeremy
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170515/dd9d6d97/attachment.html>

More information about the Public mailing list