[Servercert-wg] High Risk Certificate Requests
Neil Dunbar
ndunbar at trustcorsystems.com
Thu May 28 06:41:49 MST 2020
All,
Looking in the BRs, I noticed that HRCR is defined:
> High Risk Certificate Request: A Request that the CA flags for
> additional scrutiny by reference to internal criteria and databases
> maintained by the CA, which may include names at higher risk for
> phishing or other fraudulent usage, names contained in previously
> rejected certificate requests or revoked Certificates, names listed on
> the Miller Smiles phishing list or the Google Safe Browsing list, or
> names that the CA identifies using its own risk-mitigation criteria
I realise that Google Safe Browsing is just being used as an
illustration, but given that GSB (for commercial purposes) has been
replaced by Google in favour of the Web Risk API, is it worth cleaning
up this text, given that most CAs would be commercial entities, thus
prohibited from using the GSB API?
Just a thought,
Neil
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pEpkey.asc
Type: application/pgp-keys
Size: 1774 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200528/1b4bbfb8/attachment-0001.bin>
More information about the Servercert-wg
mailing list