Good point. If you want your method preserved, please send it to one of the CA/Browser forum lists.
-Tim From: Ryan Sleevi [mailto:r...@sleevi.com] Sent: Tuesday, January 30, 2018 8:46 AM To: Tim Hollebeek <tim.holleb...@digicert.com> Cc: mozilla-dev-security-policy <mozilla-dev-security-pol...@lists.mozilla.org> Subject: Re: IP Validation using method 3.2.2.5 (4) "any other method" On Tue, Jan 30, 2018 at 10:37 AM, Tim Hollebeek via dev-security-policy <dev-security-policy@lists.mozilla.org <mailto:dev-security-policy@lists.mozilla.org> > wrote: I'm sending this to this list because CAs are required to monitor this list, and I need to get feedback from smaller and more obscure CAs. The validation working group is thinking about proposing removal of 3.2.2.5 (4) in the near future. If you are currently using that method to validate IP certificates, please reply with the details of what you are doing so the procedure can be examined and potentially added to the Baseline Requirements as a valid method for validating IP certificates. FAILURE TO DO SO MAY RESULT IN YOUR METHOD BECOMING NON-COMPLIANT WITH LITTLE OR NO NOTICE. Just a note: Replying with those details to *this* list won't offer the CA/Browser Forum's IP protections. I would instead suggest that CAs that do not participate in the CA/Browser Forum, but use this method, join the CA/Browser Forum and contribute such methods. The failure to disclose in a way that is agreed upon by the IP policy of the CA/Browser Forum is a reasonably high enough risk that it should be prevented from adding it to the CA/Browser Forum documents.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
