[cabf_validation] FW: ACME DV Security Considerations Draft

Ryan Sleevi sleevi at google.com
Wed Oct 24 23:53:09 MST 2018


I believe you meant to say "domain validation". These attacks equally apply
to EV/OV, and also ignore some of the known weaknesses with the methods
implied with OV/EV.

On Wed, Oct 24, 2018 at 11:53 AM Tim Hollebeek via Validation <
validation at cabforum.org> wrote:

> Internet draft on attacks on DV validation.
>
> -Tim
>
> -----Original Message-----
> From: Acme <acme-bounces at ietf.org> On Behalf Of Tobias Fiebig
> Sent: Sunday, October 21, 2018 5:37 AM
> To: acme at ietf.org
> Cc: kevin at iseclab.org
> Subject: [Acme] ACME DV Security Considerations Draft
>
> Dear all,
> At the IETF in Montreal, I presented findings on security issues with
> domain
> validation in ACME, and were encouraged to write a short draft outlining
> attacks and possible defenses. We now created a first draft, which outlines
> the general structure and contents we are aiming for, see
> https://datatracker.ietf.org/doc/draft-fiebig-acme-esecacme. We are
> looking
> forward to your input on our plans.
>
> Met vriendelijke groet,
>
> Dr.-Ing. Tobias Fiebig,
> Assistant Professor / Universitair Docent Department Engineering Systems
> and
> Services
>
> Informatie- en Communicatie Technologie (ICT)
>
> TU Delft / Dept. ESS
> Faculty of Technology, Policy and Management (TBM) Building 31 Jaffalaan 5
> -
> room B3.170
> 2628 BX  Delft
> P.O.Box 5015
> 2600 GA Delft, The Netherlands
> T +31 (0)15 27 85700
> E  t.fiebig at tudelft.nl
>
> Present: Monday t/m Friday
>
> _______________________________________________
> Acme mailing list
> Acme at ietf.org
> https://www.ietf.org/mailman/listinfo/acme
> _______________________________________________
> Validation mailing list
> Validation at cabforum.org
> https://cabforum.org/mailman/listinfo/validation
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20181025/4db4b74d/attachment.html>


More information about the Validation mailing list