[cabf_validation] FW: Updated Domain Validation Draft

kirk_hall at trendmicro.com kirk_hall at trendmicro.com
Wed Jul 15 16:09:23 MST 2015


Ben - the revised definition of Authorization Domain Name (see below) from the July 2 draft is incomplete... can you revise and send out for our call tomorrow?  Thanks.


Authorization Domain Name: The Domain Name used to obtain authorization for certificate issuance for a given FQDN.  The CA may use the FQDN returned from a DNS CNAME lookup as the FQDN for the purposes of Domain Validation.  Authorization Domain Name Domain Name returned to the CA from a DNS lookup for the CNAME record for the Registered Domain  is determined by one of the following two (2) methods:

(i)               remove all wildcard labels from the requested FQDN and

prune zero or more labels from left to right until encountering a Registered Domain Name; or

(ii).



. and (iii)  from the FQDN requested for inclusion in a Certificate or (ii) for wildcard FQDNs, created by pruning at least one or more components from the FQDN, and (iii) contains at least the second-level domainBase Domain for generic top-level domains (gTLD) such as .com, .net, or .org, or, if the FQDN contains a 2 letter Country Code Top-Level Domain (ccTLD), then contains at least whatever domain information is allowed for registration according to the rules of that ccTLD.


From: validation-bounces at cabforum.org [mailto:validation-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Thursday, July 02, 2015 9:05 AM
To: validation at cabforum.org
Subject: [cabf_validation] Updated Domain Validation Draft

Here is the latest draft.

<table class="TM_EMAIL_NOTICE"><tr><td><pre>
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
</pre></td></tr></table>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/validation/attachments/20150715/c5a074e4/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Domain Validation Revision Proposal - July 2 2015.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 24677 bytes
Desc: Domain Validation Revision Proposal - July 2 2015.docx
Url : https://cabforum.org/pipermail/validation/attachments/20150715/c5a074e4/attachment-0002.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4954 bytes
Desc: smime.p7s
Url : https://cabforum.org/pipermail/validation/attachments/20150715/c5a074e4/attachment-0003.bin 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00001.txt
Url: https://cabforum.org/pipermail/validation/attachments/20150715/c5a074e4/attachment-0001.txt 


More information about the Validation mailing list