[cabf_validation] Domain Validation Ballot discussion

kirk_hall at trendmicro.com kirk_hall at trendmicro.com
Wed Sep 23 09:27:47 MST 2015

I was able to listen to the domain validation ballot discussion from the CABF meeting last week.  Jeremy, you were in favor of delaying further action until after the PAG meeting last Friday.  How did the PAG meeting affect your point of view?  Should we move forward with the ballot now?  (I saw the revised PAG memo that will go to the Members, and it looks good to me.)

You made one point on the CABF call - you were concerned that if we proceed with the ballot now (and eliminate "any other method"), and then it turns out that all validation methods are covered by (currently undisclosed) patents, we could be in trouble.  I don't think that's a realistic threat for a couple of reasons.

First, Methods 1-6 remain virtually unchanged, and have been used for years without anyone claiming IP on them.  It's pretty unlikely IP claims will pop up after "any other method" is dropped.

Second, even if Methods 7-9 are covered by IP, no one has to use those methods - we can stick with Methods 1-6 as in the past.  We may get voluntary disclosure based on the PAG, and maybe IP holders will tell the Forum they will not block use by others - we will see.

As to Methods 7 and 8 in particular - it's hard to see how anyone could have enforceable IP that relates to adding a Random Value to a DNS record, or controlling an IP address for an A or AAAA record...

Finally, suppose one or more companies do assert broad IP rights over one or many validation methods?  If it's truly a crisis for CAs, the Forum can respond very quickly (a ballot can be completed in about two weeks) either to add back "any other method" so CAs can make changes to avoid infringement, or even better, can modify the validation method where IP is asserted to be broader and allow non-infringing workarounds by CAs to avoid the problem.  (That's the function that some people have assigned to current Method 7 - any other method - something that allows a CA to modify a method to avoid infringement if an infringement claim pops up.  I don't think that situation has ever arisen.)  We can also add other validation methods by future ballot as well.

There seems to be no real opposition to the ballot as drafted, and we won't really have a complete and binding solution to our IPR situation for months - so I'd say let's proceed with the ballot in the near future.

We can discuss on our call tomorrow.


<table class="TM_EMAIL_NOTICE"><tr><td><pre>
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/validation/attachments/20150923/4970ff81/attachment.html 

More information about the Validation mailing list