[cabf_validation] Updated draft domain validation ballot for discussion on Thursday's call

kirk_hall at trendmicro.com kirk_hall at trendmicro.com
Thu Aug 27 07:11:19 MST 2015 

Let’s go through each method one by one on the call today and discuss.

From: Jeremy Rowley [mailto:jeremy.rowley at digicert.com]
Sent: Wednesday, August 26, 2015 10:34 PM
To: Kirk Hall (RD-US); validation at cabforum.org
Subject: RE: [cabf_validation] Updated draft domain validation ballot for discussion on Thursday's call

I don’t think you should have to use “a value that is unpredictable and previously unknown to the applicant” on D, E, and F. You’re communicating directly with the registrar or applicant.  How would you even do this by phone? Plus unpredictable is not well-defined at this point.

I also have issues with Authorized Port, which is not defined, and requiring a Random Value for H. The point is that the information is being placed into the .well-known directory, not that the value is random. I don’t think we should call it “DV” either as that causes confusion between the type of validation and the three different types of certificates.  It should be “validation” or something similar.

The change in J omits that a CNAME record could point to the DNS record.  This is not Random Value or Request Token but is (imo) better than a random value in a TXT record. CNAME validation appears inadvertently omitted and should be reinserted.

On H, methods 2, 3, and 4 do not necessarily require an email challenge. A telephone one is acceptable.

Jeremy

From: validation-bounces at cabforum.org<mailto:validation-bounces at cabforum.org> [mailto:validation-bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com<mailto:kirk_hall at trendmicro.com>
Sent: Wednesday, August 26, 2015 3:34 PM
To: validation at cabforum.org<mailto:validation at cabforum.org>
Subject: [cabf_validation] Updated draft domain validation ballot for discussion on Thursday's call

I incorporated some additional comments and suggestions in the attached draft domain validation ballot (dated 8/26/2015) for discussion on Thursday's call – changes from the prior draft are shown in red.

Let’s work from this on our call tomorrow morning.

Kirk



TREND MICRO EMAIL NOTICE

The information contained in this email and any attachments is confidential

and may be subject to copyright or other intellectual property protection.

If you are not the intended recipient, you are not authorized to use or

disclose this information, and we request that you notify us by reply mail or

telephone and delete the original message from your mail system.




<table class="TM_EMAIL_NOTICE"><tr><td><pre>
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
</pre></td></tr></table>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/validation/attachments/20150827/4c6b7a25/attachment-0001.html

More information about the Validation mailing list