[cabfpub] [EXTERNAL]Re: Ballot 190

Gervase Markham gerv at mozilla.org
Mon May 1 12:41:12 UTC 2017


On 28/04/17 19:30, Kirk Hall via Public wrote:
> As I said on the call yesterday, we can’t run a query on our vetting
> system and ask “Which of the many tens of thousands of domains (yes,
> it’s that many) validated in our system were validated using Method
> X?”.  The only way to know that is to manually examine ALL of the tens
> of thousands of vetting files for those domain, one by one, to record
> which were validated using Method X.  That’s step one, and it would take
> hundreds of vetter-hours to complete.

Jeremy: can we add a sentence to section 3.2.2.4 in ballot 190: "CA's
SHOULD record the validation method used along with the validation data."
? Kirk has a reasonable point that people may not have done this in the
past, but we should make sure they do it in the future (or don't do it
at their own risk) so we are able to make updates to individual methods
without causing a revalidatiopocalypse.

Gerv



More information about the Public mailing list