Putting the issue of "reuse" aside, do we need to clarify this issue of which 
random value methods can be used in combination with others?  It seems that a 
random value could be provided to the domain contact / admin under methods 2, 3 
(if you wanted) or 4 and then used within 30 days for methods 2, 4, 6, 7 and 
10, but not vice versa.

-----Original Message-----
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham 
via Public
Sent: Monday, July 31, 2017 9:02 AM
To: Jeremy Rowley <jeremy.row...@digicert.com>; CA/Browser Forum Public 
Discussion List <public@cabforum.org>; Rich Smith <richard.sm...@comodo.com>; 
'Peter Bowen' <p...@amzn.com>
Subject: Re: [cabfpub] Random value reuse

On 28/07/17 14:53, Jeremy Rowley via Public wrote:
> I think the random value should be tied to a single communication 
> without reuse.  For example, a single email sent to the constructed 
> emails, a single API call, a single phone call, etc.  The random value 
> shouldn’t be tied to a method, but should be tied to a specific 
> communication from the CA that is tied to a request. By getting rid of 
> the reuse language, we can simplify the process and eliminate the risk 
> associated with reuse.

Right. New random values are cheap :-)

Gerv
_______________________________________________
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public
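
The proposal quoted above (a fresh random value per communication, bound to one request, never reused) can be sketched as follows. This is an added example, not code from the thread's participants or from the CA/Browser Forum; the class, field, and status names are hypothetical, and the 30-day window is the figure mentioned in the reply.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

VALIDITY_SECONDS = 30 * 24 * 3600  # the 30-day window mentioned in the thread


@dataclass
class Issued:
    request_id: str    # certificate request the communication belongs to
    channel: str       # illustrative label, e.g. "email", "phone", "api"
    value: str         # the random value sent in this one communication
    issued_at: float
    used: bool = False


class RandomValueRegistry:
    """Hypothetical CA-side store: one random value per outbound communication."""

    def __init__(self, now=time.time):
        self._now = now
        self._by_comm = {}

    def issue(self, request_id, channel):
        # Every communication gets its own identifier and its own fresh value,
        # so a value delivered one way cannot satisfy a different communication.
        comm_id = secrets.token_hex(8)
        value = secrets.token_urlsafe(32)
        self._by_comm[comm_id] = Issued(request_id, channel, value, self._now())
        return comm_id, value

    def confirm(self, comm_id, request_id, presented):
        rec = self._by_comm.get(comm_id)
        if rec is None:
            return "unknown-communication"
        if rec.request_id != request_id:
            return "wrong-request"
        if not hmac.compare_digest(rec.value.encode(), presented.encode()):
            return "mismatch"
        if rec.used:
            return "already-used"      # no reuse, even inside the window
        if self._now() - rec.issued_at > VALIDITY_SECONDS:
            return "expired"
        rec.used = True
        return "ok"
```
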
