> On Jan 19, 2018, at 11:23 AM, Kirk Hall <[email protected]> wrote: > > First, I think everyone knows what CAs are supposed to do under Method 1
I’m fairly sure this is not the case… > , and the lack of misissuance reports means CAs are doing it right. Here’s > how Method 1 starts now: > > “Conforming the Applicant's control over the FQDN by validating the Applicant > as the Domain Contact by verifying that: ***” You can see why I think CAs might not know what they’re supposed to do, because the above quote is not the actual words from the the Baseline Requirements! Right now, in BR 1.5.4, Method 1 starts with these words: > Confirming the Applicant's control over the FQDN by validating the Applicant > is the Domain Contact directly with the Domain Name Registrar. This method > may only be used if: Your version prescribes a method. The actual current requirements specify an objective and don’t specify a method. Now, I’m not against prescribing a method, but the method prescribed does need to achieve the original objective, and I think the proposed method is inadequate to do that…
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
