[Servercert-wg] Ballot SC15: Remove Validation Method Number 9

Doug Beattie doug.beattie at globalsign.com
Thu Jan 17 12:20:34 MST 2019


 

I'm looking for 2 endorsers.

 

 

Ballot SC15: Remove Validation Method Number 9

 

Purpose of Ballot:  Method 9, Test Certificate, is insecure when web hosting
platforms use a single IP address for more than one Domain Name, so this
method must not be used.

 

The following motion has been proposed by Doug Beattie of GlobalSign and
endorsed by XXX and YYY

 

--- MOTION BEGINS ---

This ballot modifies the "Baseline Requirements for the Issuance and
Management of Publicly-Trusted Certificates" as follows, based on Version
1.6.2:

 

Replace the content of section 3.2.2.4.9 with:

 

This method has been retired and MUST NOT be used.

 

 

--- MOTION ENDS ---

 

*** WARNING ***: USE AT YOUR OWN RISK.  THE REDLINE BELOW IS NOT THE
OFFICIAL VERSION OF THE CHANGES (CABF Bylaws, Section 2.4(a)):

 

A comparison of the changes can be found at:
https://github.com/dougbeattie/documents/compare/master...dougbeattie:SC15--
-Remove-Method-9 

 

 

The procedure for approval of this ballot is as follows:

 

Discussion (7+ days)

 

Start Time: TBD

 

End Time: TBD

 

Vote for approval (7 days)

 

Start Time: TBD

 

End Time: TBD

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190117/db2a8a15/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5701 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190117/db2a8a15/attachment.p7s>


More information about the Servercert-wg mailing list