Yes, if you read between the lines of my email, you’ll see that I acknowledge
that the design goals have changed in the last six years … it’s why I think a
reanalysis might actually be prudent. We’ve learned a lot.
Part of the reason the BRs are currently so domain-control centric is that man
Tim,
The historic thought to which you refer -- that proof of ownership is
stronger than proof of control -- has been clearly shown to be incorrect.
Nearly all of the proof of ownership methods require communication with a
Domain Contact, and all of the methods of discovering and communicating
wit
Hi Ryan,
Both of these objectives are valuable outcomes to pursue, from my perspective.
Regarding Objective 2, I think a shorter timeline for an effective date is
desirable, especially in relation to 3.2.2.4.2’s inclusion of Fax, SMS, and
Postal Mail as communication mediums for domain validati
I think this (
https://docs.google.com/document/d/1aJiOzYVTpoAPVWDucnp20cTO2PR_cRsHncvkhlrcR10/edit)
might be the document Tim referenced in his last message. At some point, it
seems to have fallen to the perils of public doc comment access.
I was unable to find a detailed recounting of the discus
The summit was March 2018, that might help find more. The validation
subcommittee’s mailing list has a lot of information around that time.
Perhaps someone else has more time to track down the notes, etc. I know there
was a large Google doc at some point.
-Tim
From: Mike Shaver
Sent
On Tue, Sep 24, 2024 at 11:49 AM Tim Hollebeek via Servercert-wg <
servercert-wg@cabforum.org> wrote:
> I’d suggest people review the notes from the validation summit we had
> about five years ago as a really good resource for learning some of the
> complexity in this area.
>
Do you have a link t
This analysis is just fundamentally wrong, as the premise that “the 3.2.2.4
validation methods are only valid if they prove control of the domain name” is
wrong.
The actual design criteria that the 3.2.2.4 methods were based on is “OWNS or
controls”. Historically, the ‘control’ methods were
On Tue, 24 Sep 2024 07:48:00 +
Martijn Katerbarg via Servercert-wg wrote:
> >I also wanted to ask in general, why does WHOIS based validation not
> >fall under the same rules as a delegated third party for domain
> >validation?
>
> In my personal opinion (but perhaps others have a different
Hi,
This vote can´t be counted because this person has no voting rights for the
servercert WG. Please, review if Xinling Cui should also have voting rights for
iTrusChina considered that is member of the WG.
Regards
De: Servercert-wg En nombre de ??? via
Servercert-wg
Enviado el: lu
Hi,
This vote can´t be counted because it´s sent based on the discussion period and
not on the voting period.
Regards
De: Servercert-wg En nombre de ??? via
Servercert-wg
Enviado el: martes, 24 de septiembre de 2024 6:22
Para: CA/B Forum Server Certificate WG Public Discussion List
Telia votes ’Yes’ on Ballot SC-078
//Antti
From: Servercert-wg on behalf of Martijn
Katerbarg via Servercert-wg
Date: Tuesday, 17. September 2024 at 16.20
To: CA/B Forum Server Certificate WG Public Discussion List
Subject: [Servercert-wg] Voting Period Begins: Ballot SC-078 - Subject
o
Hi Amir,
>I also wanted to ask in general, why does WHOIS based validation not fall
>under the same rules as a delegated third party for domain validation?
In my personal opinion (but perhaps others have a different opinion on this),
because there needs to be a source of truth, for the same r
12 matches
Mail list logo