[cabfpub] Voting begins: Ballot 218 version 2
jimmy at it.auth.gr
jimmy at it.auth.gr
Thu Feb 1 08:10:42 MST 2018
Good to know! I'm not part of the validation WG and participating in the Policy and NetSec WGs doesn't leave much room for another WG. I'll try to read the minutes and emails you post on the mailing list.
Thanks,
Dimitris.
-----Original Message-----
From: Tim Hollebeek <tim.hollebeek at digicert.com>
To: Dimitris Zacharopoulos <jimmy at it.auth.gr>, CA/Browser Forum Public
Discussion List <public at cabforum.org>
Sent: Thu, 01 Feb 2018 16:41
Subject: RE: [cabfpub] Voting begins: Ballot 218 version 2
You’re right and there is a proposal to do exactly that. It will be discussed on the VWG today if you want to join. We do need a more formal and rigorous evaluation of the risks and vulnerabilities inherent in the use of each validation method.
-Tim
Intuitively, these methods were proved to be the "weakest" among the other methods, even though there are known vulnerabilities for almost all of them (including DNS/routes hijacking, etc). The validation working group should discuss more about the threats of each method (and how to formalize the level of assurance) in case a similar discussion about the other methods is brought forward.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20180201/54328d63/attachment.html>
More information about the Public
mailing list