[cabf_validation] Outline of Method 1 Replacement

Wayne Thayer wthayer at mozilla.com
Fri Mar 9 12:22:34 MST 2018


On Fri, Mar 9, 2018 at 11:53 AM, Jonathan Rudenberg <jonathan at titanous.com>
wrote:

>
> Is there a compelling reason to bring back a new version of this method?


Yes, we're asking the same question.

It seems like any modification that adds the appropriate security
> properties would bring it very close to 3.2.2.4.2 / 3.2.2.4.3. Based on my
> understanding of the use of this method in the wild, it makes more sense to
> me for CAs to switch to .2 and .3 for domain ownership authorization and
> then do necessary additional subject validation with 3.2.2.1 or EVGL 11.8.3.
>

The obvious example to me is when the CA is already performing EV
validation, in which case this could save a step. There are also cases
where having a contractual relationship could make this method appealing to
a CA. In general, while I see your point, I'm trying not to make
assumptions.

Thanks,

Wayne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20180309/087bd77c/attachment.html>


More information about the Validation mailing list