[Servercert-wg] [EXTERNAL]- Sunsetting use of WHOIS to identify Domain Contacts

Amir Omidi amir at aaomidi.com
Mon Sep 16 15:19:26 UTC 2024 

As an interested third party, I endorse this. Thank you for taking the
initiative.

On Mon, Sep 16, 2024 at 11:06 AM Pedro FUENTES via Servercert-wg <
servercert-wg at cabforum.org> wrote:

> OISTE would endorse this initiative
>
> On 16 Sep 2024, at 16:32, Ryan Dickson via Servercert-wg <
> Servercert-wg at cabforum.org> wrote:
>
> All,
>
> In light of recent events where research from WatchTowr Labs demonstrated
> how threat actors could exploit WHOIS to obtain fraudulently issued TLS
> certificates [1] and follow-on discussions in MDSP [2][3], we drafted an
> introductory proposal [4] to sunset the use of WHOIS for identifying Domain
> Contacts.
>
> The proposal sets a prohibition against relying on WHOIS to identify
> Domain Contacts beginning 11/1/2024.
>
> While publicly-trusted CA Owners are required to disclose and maintain
> in-use DCV methods to the CCADB [5], the collected data lacks specificity,
> hindering our ability to assess the extent of reliance on WHOIS and the
> potential impact of transitioning away from it.
>
> Feedback on the proposal (preferably using comments or suggestions on the
> Pull Request via GitHub) along with volunteers for endorsers would be
> appreciated.
>
> Thanks,
> Ryan
>
> P.S., I apologize if this effort is redundant to discussions already
> taking place in the Forum, I was traveling last week and am catching up on
> email.
>
> [1]
> https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__labs.watchtowr.com_we-2Dspent-2D20-2Dto-2Dachieve-2Drce-2Dand-2Daccidentally-2Dbecame-2Dthe-2Dadmins-2Dof-2Dmobi_&d=DwMFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=-bX5hBm1IdRDykQ-dBR8tsFRCM4v1VXUyG7RZa2WqPY&m=1CJcldkOKNaH6Tu9kiTliBmTMzTdtFrQ0USL5juRHSkA78re2Z_FuT3Hr1z1Cd6m&s=qZzpnP-57sE4nQ6LxHM50ULVrjSKSIk2Fccl0d8PESE&e=>
> [2]
> https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/FuOi_uhQB6U
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__groups.google.com_a_mozilla.org_g_dev-2Dsecurity-2Dpolicy_c_FuOi-5FuhQB6U&d=DwMFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=-bX5hBm1IdRDykQ-dBR8tsFRCM4v1VXUyG7RZa2WqPY&m=1CJcldkOKNaH6Tu9kiTliBmTMzTdtFrQ0USL5juRHSkA78re2Z_FuT3Hr1z1Cd6m&s=31lolz5JP-8ykEL9HDAxaX6AcVj3rFj7LwOwRxwFkZg&e=>
> [3]
> https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/mAl9XjieSkA
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__groups.google.com_a_mozilla.org_g_dev-2Dsecurity-2Dpolicy_c_mAl9XjieSkA&d=DwMFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=-bX5hBm1IdRDykQ-dBR8tsFRCM4v1VXUyG7RZa2WqPY&m=1CJcldkOKNaH6Tu9kiTliBmTMzTdtFrQ0USL5juRHSkA78re2Z_FuT3Hr1z1Cd6m&s=37YIE6Jw_R8c8obIjNP3qo3yo9YW36r4WMZH76HyUGM&e=>
> [4] https://github.com/cabforum/servercert/pull/548
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_cabforum_servercert_pull_548&d=DwMFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=-bX5hBm1IdRDykQ-dBR8tsFRCM4v1VXUyG7RZa2WqPY&m=1CJcldkOKNaH6Tu9kiTliBmTMzTdtFrQ0USL5juRHSkA78re2Z_FuT3Hr1z1Cd6m&s=vBGh-YJqmgDPKGnq5cAcEuu__uSmeZaCK_EGoFkB-Kc&e=>
> [5]
> https://docs.google.com/spreadsheets/d/1IXL8Yk12gPQs8GXiosXCPLPgATJilaiVy-f9SbsMA28/edit?gid=268412787#gid=268412787
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.google.com_spreadsheets_d_1IXL8Yk12gPQs8GXiosXCPLPgATJilaiVy-2Df9SbsMA28_edit-3Fgid-3D268412787-23gid-3D268412787&d=DwMFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=-bX5hBm1IdRDykQ-dBR8tsFRCM4v1VXUyG7RZa2WqPY&m=1CJcldkOKNaH6Tu9kiTliBmTMzTdtFrQ0USL5juRHSkA78re2Z_FuT3Hr1z1Cd6m&s=nHPN4vmJhl30c7Nh_y7NmG73eUtxjUstZR6YNcUH0o4&e=>
>
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.cabforum.org_mailman_listinfo_servercert-2Dwg&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=-bX5hBm1IdRDykQ-dBR8tsFRCM4v1VXUyG7RZa2WqPY&m=1CJcldkOKNaH6Tu9kiTliBmTMzTdtFrQ0USL5juRHSkA78re2Z_FuT3Hr1z1Cd6m&s=hOfLasOApOVBc0Uwo83PbDiIvJ4IjPP7O-hs7suejHw&e=
>
>
>
>
> *WISeKey SA*
>
> *Pedro Fuentes*CSO - Trust Services Manager
> Office: + 41 (0) 22 594 30 00
> Mobile: + 41 (0) 791 274 790
> Address: Avenue Louis-Casaï 58 | 1216 Cointrin | Switzerland
>
> *Stay connected with WISeKey <http://www.wisekey.com>*
> *THIS IS A TRUSTED MAIL*: This message is digitally signed with a WISeKey
> identity. If you get a mail from WISeKey please check the signature to
> avoid security risks
>
> *CONFIDENTIALITY: *This email and any files transmitted with it can be
> confidential and it’s intended solely for the use of the individual or
> entity to which they are addressed. If you are not the named addressee
> you should not disseminate, distribute or copy this e-mail. If you have
> received this email in error please notify the sender
>
> *DISCLAIMER: *WISeKey does not warrant the accuracy or completeness of
> this message and does not accept any liability for any errors or
> omissions herein as this message has been transmitted over a public
> network. Internet communications cannot be guaranteed to be secure or
> error-free as information may be intercepted, corrupted, or contain
> viruses. Attachments to this e-mail are checked for viruses; however, we do
> not accept any liability for any damage sustained by viruses and therefore
> you are kindly requested to check for viruses upon receipt.
>
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240916/eb0a29de/attachment.html>

More information about the Servercert-wg mailing list