Good to know! I'm not part of the validation WG and participating in the Policy and NetSec WGs doesn't leave much room for another WG. I'll try to read the minutes and emails you post on the mailing list.
Thanks, Dimitris. -----Original Message----- From: Tim Hollebeek <[email protected]> To: Dimitris Zacharopoulos <[email protected]>, CA/Browser Forum Public Discussion List <[email protected]> Sent: Thu, 01 Feb 2018 16:41 Subject: RE: [cabfpub] Voting begins: Ballot 218 version 2 You’re right and there is a proposal to do exactly that. It will be discussed on the VWG today if you want to join. We do need a more formal and rigorous evaluation of the risks and vulnerabilities inherent in the use of each validation method. -Tim Intuitively, these methods were proved to be the "weakest" among the other methods, even though there are known vulnerabilities for almost all of them (including DNS/routes hijacking, etc). The validation working group should discuss more about the threats of each method (and how to formalize the level of assurance) in case a similar discussion about the other methods is brought forward.
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
