[cabfpub] Preballot - Revised Ballot 190
Gervase Markham
gerv at mozilla.org
Wed May 17 11:23:21 MST 2017
On 17/05/17 18:04, Ryan Sleevi via Public wrote:
> I totally appreciate that sentiment, but you realize one area of the
> concern and issues has been the proposal - made by Kirk, Gerv, and
> Jeremy - to allow the reuse of insecurely-validated domain names.
This is why I am proposing this. Not because I like it, but because CAs
have not kept records of which method was used, any per-method variance
would require them to redo all validations. (And I'm not up for
requiring every CA to redo every validation, either, and it wouldn't
pass even if I was.) So we sigh, grandfather everything in one last
time, and make it a requirement that CAs record the method used so that
in future, we can do method-specific rules.
What's the alternative proposal, given that many or most CAs can't do
per-method rules right now?
Gerv
More information about the Public
mailing list