[cabf_validation] Updated draft domain validation ballot for discussion on Thursday's call
Jeremy Rowley
jeremy.rowley at digicert.com
Wed Aug 26 22:34:03 MST 2015
I don’t think you should have to use “a value that is unpredictable and previously unknown to the applicant” on D, E, and F. You’re communicating directly with the registrar or applicant. How would you even do this by phone? Plus unpredictable is not well-defined at this point.
I also have issues with Authorized Port, which is not defined, and requiring a Random Value for H. The point is that the information is being placed into the .well-known directory, not that the value is random. I don’t think we should call it “DV” either as that causes confusion between the type of validation and the three different types of certificates. It should be “validation” or something similar.
The change in J omits that a CNAME record could point to the DNS record. This is not Random Value or Request Token but is (imo) better than a random value in a TXT record. CNAME validation appears inadvertently omitted and should be reinserted.
On H, methods 2, 3, and 4 do not necessarily require an email challenge. A telephone one is acceptable.
Jeremy
From: validation-bounces at cabforum.org [mailto:validation-bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com
Sent: Wednesday, August 26, 2015 3:34 PM
To: validation at cabforum.org
Subject: [cabf_validation] Updated draft domain validation ballot for discussion on Thursday's call
I incorporated some additional comments and suggestions in the attached draft domain validation ballot (dated 8/26/2015) for discussion on Thursday's call – changes from the prior draft are shown in red.
Let’s work from this on our call tomorrow morning.
Kirk
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential
and may be subject to copyright or other intellectual property protection.
If you are not the intended recipient, you are not authorized to use or
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/validation/attachments/20150827/0d39ff47/attachment.html
More information about the Validation
mailing list