[cabfpub] [EXTERNAL] Ballot SC6 - Revocation Timeline Extension

Wayne Thayer wthayer at mozilla.com
Thu Aug 16 21:35:17 UTC 2018

On Thu, Aug 16, 2018 at 2:13 PM Curt Spann <cspann at apple.com> wrote:

> Hi Wayne,
> Have you considered adding language to address what happens if the domain
> registration is sold or transferred to other person/org? I am thinking of
> the scenario where a person buys a domain name and would like the
> previously issues certificates (which are still time valid) revoked.
> Yes, I did add language to cover that scenario: "The CA obtains evidence
that the validation of domain authorization or control for any
Fully-Qualified Domain Name or IP address in the Certificate should not be
relied upon."

There was some debate about how specific we should make this requirement
[1] that resulted in the ballot language.

[1] https://github.com/wthayer/documents/pull/1#discussion_r185324648

Another question I have is related to the the wording “in writing”. Is that
> defined somewhere?
> From the ballot text:
> The CA SHALL revoke a Certificate within 24 hours if:
> 1. The Subscriber requests in *writing* that the CA revoke the
> Certificate;
> No, I don't believe that phrase is defined. However it is the existing
language and is used in two other places in the BRs. I believe the typical
interpretation is paper, fax, email, or other forms of electronic
communication such as a form submission from the CA's website.

> Curt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180816/453d0042/attachment-0003.html>

More information about the Public mailing list