[cabf_validation] Using 3.2.2.4.2/.3 for future domains

Tim Hollebeek tim.hollebeek at digicert.com
Fri Mar 23 02:04:19 MST 2018


That’s correct, we remain strongly in favor of allowing domain holders to restrict validation methods.  It’s one of the more important parts of my CAA tags proposal, which unfortunately has gotten at best lukewarm support from other large CAs.

 

-Tim

 

I'm similarly interested in declaring the validation method(s) used, particularly for domain names, which provides a way for the domain holder to validate that the CAA policy is respected. I assume DigiCert's support for this has not waned since the last time it was discussed (in the context of 190)?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20180323/0df29201/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4940 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/validation/attachments/20180323/0df29201/attachment.p7s>


More information about the Validation mailing list