[Servercert-wg] [Voting Period Begins] SC-070: Clarify the use of DTPs for Domain Control Validation

Aaron Gable aaron at letsencrypt.org
Tue Feb 13 16:56:39 UTC 2024


This new voting period is to fix a typo in the End timestamp of the voting
period for the previous version of this ballot. The contents of the motion
itself are identical. My apologies for the confusion.

This ballot aims to clarify the existing language around the use of
delegated third-parties during domain and IP address control validation. It
leaves the existing language in place, and adds specifics for the cases of
DNS queries, WHOIS lookups, and contact with the Domain Name Registrat or
IP Address Registration Authority.

Additionally, it places these same restrictions on CAA checking, with an
effective date of 2024-05-15.

This ballot is proposed by Aaron Gable (ISRG / Let's Encrypt) and endorsed
by Mads Henriksveen (Buypass) and Dimitris Zacharopoulos (HARICA). You can
view and comment on the github pull request representing this ballot here:
https://github.com/cabforum/servercert/puhttps://lists.cabforum.org/pipermail/servercert-wg/2024-February/004174.htmlll/475
<https://github.com/cabforum/servercert/pull/475>

The preceding discussion can be seen here:
https://lists.cabforum.org/pipermail/servercert-wg/2024-February/004174.html

--- Motion Begins ---

This ballot modifies the "Baseline Requirements for the Issuance and
Management of Publicly-Trusted Certificates" ("Baseline Requirements")
based on Version 2.0.2

MODIFY the Baseline Requirements as specified in the following redline:
https://github.com/cabforum/servercert/compare/41f01640748fa612386f8b1a3031cd1bff3d4f35...00ea6e24c474fd0ab6eecc25cb8eb733fffc60c3

--- Motion Ends ---

Discussion (at least 7 days):
- Start: 2024-02-02 22:30 UTC
- End: 2024-02-12 22:30 UTC

Vote for approval (7 days):
- Start: 2024-02-13 17:00 UTC
- End: 2024-02-20 17:00 UTC

Thanks,
Aaron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240213/2d4c050c/attachment.html>


More information about the Servercert-wg mailing list