[cabf_validation] FW: FW: Domain Validation ballot draft

Doug Beattie doug.beattie at globalsign.com
Wed Mar 9 14:33:25 MST 2016


Peter - here were my inputs for item 9, which I think you missed in the last draft.  Can you add them?

-----Original Message-----
From: validation-bounces at cabforum.org [mailto:validation-bounces at cabforum.org] On Behalf Of Doug Beattie
Sent: Sunday, February 28, 2016 11:33 AM
To: validation at cabforum.org
Subject: Re: [cabf_validation] FW: Domain Validation ballot draft

Here are my inputs on Test Certificate:

Item 9:
9. Confirming the Applicant's control over the requested FQDN by confirming the presence on the Authorization Domain Name of a non-expired Test Certificate  issued by the CA and which is accessible by the CA via TLS over an Authorized Port for the purpose of issuing a certificate with the same Public Key as in the Test Certificate.



Definition:
Test Certificate: A Certificate with a maximum validity period of 30 days and which i) includes a critical extension with the specified Test Certificate CABF OID, or ii) which chains to a root certificate not subject to these Requirements.

Commentary: During the F2F meeting it was recommended we add an specified critical Extension to test certificates, which I've added a provision for.  But I'd still like the other option to be an SSL certificate issued under a non-public root (without that critical extension). 

Doug



> -----Original Message-----
> From: validation-bounces at cabforum.org [mailto:validation- 
> bounces at cabforum.org] On Behalf Of Robin Alden
> Sent: Thursday, February 25, 2016 11:04 AM
> To: kirk_hall at trendmicro.com; validation at cabforum.org
> Subject: Re: [cabf_validation] FW: Domain Validation ballot draft
> 
> 
> 
> > -----Original Message-----
> > From: validation-bounces at cabforum.org [mailto:validation- 
> > bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com
> > Sent: 25 February 2016 15:58
> > To: validation at cabforum.org
> > Subject: [cabf_validation] FW: Domain Validation ballot draft
> >
> > I have not seen a newer draft, so we can work from this draft from 
> > last
> week
> >
> > -----Original Message-----
> > From: Peter Bowen [mailto:pzb at amzn.com]
> > Sent: Thursday, February 18, 2016 8:46 AM
> > To: CABFPub; Kirk Hall (RD-US)
> > Subject: Domain Validation ballot draft
> >
> > Here is the latest draft based on the revisions coming out of the 
> > working group discussion yesterday.  The Word document is the 
> > master; the slides are a reformatting for the discussion tomorrow.
> >
> > Thanks,
> > Peter
> >
> >
> > <table class="TM_EMAIL_NOTICE"><tr><td><pre>
> > TREND MICRO EMAIL NOTICE
> > The information contained in this email and any attachments is
> confidential
> > and may be subject to copyright or other intellectual property protection.
> > If you are not the intended recipient, you are not authorized to use 
> > or disclose this information, and we request that you notify us by 
> > reply mail
> or
> > telephone and delete the original message from your mail system.
> > </pre></td></tr></table>
_______________________________________________
Validation mailing list
Validation at cabforum.org
https://cabforum.org/mailman/listinfo/validation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 11253 bytes
Desc: not available
Url : https://cabforum.org/pipermail/validation/attachments/20160309/69a160e4/attachment.bin 


More information about the Validation mailing list