[Servercert-wg] [DIscussion Period Begins] SC-070: Clarify the use of DTPs for domain control validation

[Aaron Gable]

This ballot aims to clarify the existing language around the use of
delegated third-parties during domain and IP address control validation. It
leaves the existing language in place, and adds specifics for the cases of
DNS queries, WHOIS lookups, and contact with the Domain Name Registrat or
IP Address Registration Authority.

Additionally, it places these same restrictions on CAA checking, with an
effective date of 2024-05-15.

This ballot is proposed by Aaron Gable (ISRG / Let's Encrypt) and endorsed
by Mads Henriksveen (Buypass) and Dimitris Zacharopoulos (HARICA). You can
view and comment on the github pull request representing this ballot here:
https://github.com/cabforum/servercert/pull/475

--- Motion Begins ---

This ballot modifies the "Baseline Requirements for the Issuance and
Management of Publicly-Trusted Certificates" ("Baseline Requirements")
based on Version 2.0.2

MODIFY the Baseline Requirements as specified in the following redline:
https://github.com/cabforum/servercert/compare/41f01640748fa612386f8b1a3031cd1bff3d4f35...00ea6e24c474fd0ab6eecc25cb8eb733fffc60c3

--- Motion Ends ---

Discussion (at least 7 days):
- Start: 2024-02-02 22:30 UTC
- End no earlier than 2024-02-09 22:30 UTC

Vote for approval (7 days):
- Start: TBD
- End: TBD
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240202/e644e70a/attachment.html>