[cabf_validation] domain registrar as an applicant
sleevi at google.com
Mon Oct 22 06:10:10 MST 2018
I think any CA advocating that would need to describe under 184.108.40.206 which
method they're using to validate. Could you explain a process that a CA
could use that compiles with one of the 220.127.116.11 validation methods that
There had been some discussion about proposing additional methods - what,
during the validation work, had been suggested as "18.104.22.168.13", which was a
modification proposed by Peter Bowen at Amazon that would have allowed
greater flexibility while still achieving the same security objectives of
22.214.171.124.12, in a more interoperable way. However, Peter didn't push that
forward as .13, and no other member stepped up to do so.
On Mon, Oct 22, 2018 at 5:25 AM Adriano Santoni via Validation <
validation at cabforum.org> wrote:
> I'd like to get some opinions on the following doubt.
> Can it be inferred, from the BRs, that the entity which is is officialy
> designated (e.g. by governmental acts) as the /unique/ registrar of a
> certain domain also /controls/ that domain and is therefore "entitled"
> (subject to the remaining checks required by the BRs) to receive SSL server
> certificates for such domain and all subdomains thereof? I mean, can we
> draw this conclusion based on "just" the official documental evidences
> (e.g. by governmental acts) ? Section 126.96.36.199 of the BRs seems not to allow
> that - or not too clearly, at any rate.
> (Please note that I am not referring to the particular circumstance
> addressed by 188.8.131.52.12 of the BRs)
> Validation mailing list
> Validation at cabforum.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Validation