[cabfpub] [EXTERNAL]Re: Ballot 190

Kirk Hall Kirk.Hall at entrustdatacard.com
Mon May 1 16:37:40 UTC 2017


As Bruce said on our call last week, adding flags to our vetting system as to what type of vetting method was used in in on our roadmap - but right now, we can't know without opening each and every vetting file for each and every domain that was vetted over the past 39 months.  This was never an important piece of data in the past.

-----Original Message-----
From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Gervase Markham via Public
Sent: Monday, May 1, 2017 5:41 AM
To: CA/Browser Forum Public Discussion List <public at cabforum.org>
Cc: Gervase Markham <gerv at mozilla.org>
Subject: Re: [cabfpub] [EXTERNAL]Re: Ballot 190

On 28/04/17 19:30, Kirk Hall via Public wrote:
> As I said on the call yesterday, we can’t run a query on our vetting 
> system and ask “Which of the many tens of thousands of domains (yes, 
> it’s that many) validated in our system were validated using Method 
> X?”.  The only way to know that is to manually examine ALL of the tens 
> of thousands of vetting files for those domain, one by one, to record 
> which were validated using Method X.  That’s step one, and it would 
> take hundreds of vetter-hours to complete.

Jeremy: can we add a sentence to section 3.2.2.4 in ballot 190: "CA's SHOULD record the validation method used along with the validation data."
? Kirk has a reasonable point that people may not have done this in the past, but we should make sure they do it in the future (or don't do it at their own risk) so we are able to make updates to individual methods without causing a revalidatiopocalypse.

Gerv
_______________________________________________
Public mailing list
Public at cabforum.org
https://cabforum.org/mailman/listinfo/public


More information about the Public mailing list