[Servercert-wg] ODP: [Voting Period Begins] SC-070: Clarify the use of DTPs for Domain Control Validation
Kateryna Aleksieieva
Kateryna.Aleksieieva at assecods.pl
Mon Feb 19 11:57:50 UTC 2024
Certum "YES" on ballot SC-70
Kind regards,
Kateryna Aleksieieva
Junior quality specialist
Trust Services Department
Asseco Data Systems S.A.
Certum
Bajeczna 13
71-838 Szczecin
phone +48 91 425 74 52
mob. +48 785 505 660
kateryna.aleksieieva<mailto:kateryna.aleksieieva at assecods.pl>@assecods.pl<mailto:kateryna.aleksieieva at assecods.pl>
assecods.pl
Asseco Data Systems S.A. Headquarters: Jana z Kolna 11, 80 - 864 Gdańsk/Poland. Tax Identification Number (NIP): 517-035-94-58. Statistical ID number (REGON): 180853177. National Court Register: 0000421310 District Court in Gdańsk – Północ in Gdańsk, VIII Commercial Department of the National Court Register. Share capital: PLN 120.002.940,00
Please be informed that Asseco Data Systems is a large enterprise in a scope of the Act of 8 March 2013 on counteracting excessive payment delays in commercial transactions (consolidated text; Polish Journal of Laws of 2019, item 118)
Please be informed that your personal data included in the electronic correspondence are processed by the controller, which is Asseco Data Systems S.A. seated in Gdańsk, ul. Jana z Kolna 11, 80 - 864 Gdańsk. We process your data for the following purposes: to correspond with you, including answering your questions; to document the findings of any such correspondence; to execute an agreement to which you are or may be a party or to take action at your request before entering into such an agreement; to contact you in the execution of agreements to which you are not a party and in connection with the execution of which we have obtained your personal data; to control and improve the quality of the service provided, including the handling of complaints or grievances; to comply with our legal obligations, including for billing, tax and accounting purposes; to protect us from claims and to pursue any claims. You have the right to access, restrict, transfer, delete, rectify and object to the processing of your personal data, with the exact extent of your rights depending on the legal basis of the processing or the purpose of the processing. You also have the right to lodge a complaint with the supervisory authority, i.e. the President of the Office for Personal Data Protection, if you believe that the processing violates the regulations on personal data protection. You can read the full content of the information concerning the processing of your personal data, including your rights and their scope at this address: https://www.assecods.pl/informacje-o-danych-osobowych-email/.
This information is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Unauthorised use of this information by person or entity other than the intended recipient is prohibited by law. If you received this by mistake, please immediately contact the sender by e-mail or by telephone and delete this information from any computer. Thank you. Asseco Data Systems S.A.
________________________________
Od: Servercert-wg <servercert-wg-bounces at cabforum.org> w imieniu użytkownika Aaron Gable via Servercert-wg <servercert-wg at cabforum.org>
Wysłane: wtorek, 13 lutego 2024 17:57
Do: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Temat: [Servercert-wg] [Voting Period Begins] SC-070: Clarify the use of DTPs for Domain Control Validation
This new voting period is to fix a typo in the End timestamp of the voting period for the previous version of this ballot. The contents of the motion itself are identical. My apologies for the confusion.
This ballot aims to clarify the existing language around the use of delegated third-parties during domain and IP address control validation. It leaves the existing language in place, and adds specifics for the cases of DNS queries, WHOIS lookups, and contact with the Domain Name Registrat or IP Address Registration Authority.
Additionally, it places these same restrictions on CAA checking, with an effective date of 2024-05-15.
This ballot is proposed by Aaron Gable (ISRG / Let's Encrypt) and endorsed by Mads Henriksveen (Buypass) and Dimitris Zacharopoulos (HARICA). You can view and comment on the github pull request representing this ballot here: https://github.com/cabforum/servercert/puhttps://lists.cabforum.org/pipermail/servercert-wg/2024-February/004174.htmlll/475<https://github.com/cabforum/servercert/pull/475>
The preceding discussion can be seen here: https://lists.cabforum.org/pipermail/servercert-wg/2024-February/004174.html
--- Motion Begins ---
This ballot modifies the "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates" ("Baseline Requirements") based on Version 2.0.2
MODIFY the Baseline Requirements as specified in the following redline: https://github.com/cabforum/servercert/compare/41f01640748fa612386f8b1a3031cd1bff3d4f35...00ea6e24c474fd0ab6eecc25cb8eb733fffc60c3
--- Motion Ends ---
Discussion (at least 7 days):
- Start: 2024-02-02 22:30 UTC
- End: 2024-02-12 22:30 UTC
Vote for approval (7 days):
- Start: 2024-02-13 17:00 UTC
- End: 2024-02-20 17:00 UTC
Thanks,
Aaron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240219/20e6ac78/attachment-0001.html>
More information about the Servercert-wg
mailing list