[cabfpub] BR 3.2.2.4.4 question

Jeremy Rowley jeremy.rowley at digicert.com
Thu Oct 12 22:40:17 UTC 2017


Yes. Pretty sure we’re all saying the same thing at this point.

On Oct 12, 2017, at 4:02 PM, Moudrick M. Dadashov via Public <public at cabforum.org<mailto:public at cabforum.org>> wrote:

Yes.

As the keyword in Jeremy's question was "translation" to other languages  I thought those names (admin etc.) shouldn't be treated as English words.

Thanks,
M.D.

On 10/13/2017 12:49 AM, Ryan Sleevi wrote:
Yes, it indicates the name of a mailbox, but that doesn't resolve the issue (as I believe your intent was).

That is, put differently, some Applicants are saying that a translated address delivers to the same local mailbox as the required address. This is no different than an Applicant saying "sleevi at google" and "s.l.e.e.v.i at google" or "sleevi+cabf at google" deliver to the same local mailbox. Regardless of whether this is true or not, it's an Applicant-supplied piece of information, and the CA has to verify it. The only way that the CA can verify, as allowed under 3.2.2.4.4, is to send to the required mailbox :)

On Thu, Oct 12, 2017 at 5:44 PM, Moudrick M. Dadashov <md at ssc.lt<mailto:md at ssc.lt>> wrote:
Hi Ryan,

My point was that the part before the @<https://en.wikipedia.org/wiki/@> symbol (local-part) identifies the name of a mailbox (it is not a word in any language, so it can't be translated). Correct?

Thanks,
M.D.


On 10/13/2017 12:27 AM, Ryan Sleevi wrote:
I'm not sure your point, Moudrick?

On Thu, Oct 12, 2017 at 5:14 PM, Moudrick M. Dadashov via Public <public at cabforum.org<mailto:public at cabforum.org>> wrote:
FYI:  An addr-spec is a specific Internet identifier that contains a locally interpreted string followed by the at-sign character ("@", ASCII value 64) followed by an Internet domain.

Thanks,
M.D.


On 10/13/2017 12:00 AM, Jeremy Rowley via Public wrote:
Section 3.2.2.4.4 states that CAs can validate an email by “(i) sending an email to one or more addresses created by using 'admin', 'administrator', 'webmaster', 'hostmaster', or 'postmaster' as the local part, followed by the at‐ sign ("@"), followed by an Authorization Domain Name, (ii) including a Random Value in the email, and (iii) receiving a confirming response utilizing the Random Value”.

Recently, we’ve been getting requests to send the email to the Spanish word for administrator (“Administrador” according to Google translate – I don’t speak Spanish). I don’t think this is permitted because the BRs specifically state that the five key email words permitted.   Should translations of those words be allowed?

Jeremy



_______________________________________________
Public mailing list
Public at cabforum.org<mailto:Public at cabforum.org>
https://cabforum.org/mailman/listinfo/public



_______________________________________________
Public mailing list
Public at cabforum.org<mailto:Public at cabforum.org>
https://cabforum.org/mailman/listinfo/public





_______________________________________________
Public mailing list
Public at cabforum.org<mailto:Public at cabforum.org>
https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171012/b0ef3050/attachment-0003.html>


More information about the Public mailing list