[cabf_validation] Domain Validation Ballot discussion

Jeremy Rowley jeremy.rowley at digicert.com
Wed Sep 23 09:54:31 MST 2015 

Sounds good. I’m not opposed to proceeding with the ballot. I am opposed to proceeding with the ballot with the “any other method” language included.

From: validation-bounces at cabforum.org [mailto:validation-bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com
Sent: Wednesday, September 23, 2015 10:28 AM
To: validation at cabforum.org
Subject: [cabf_validation] Domain Validation Ballot discussion

I was able to listen to the domain validation ballot discussion from the CABF meeting last week.  Jeremy, you were in favor of delaying further action until after the PAG meeting last Friday.  How did the PAG meeting affect your point of view?  Should we move forward with the ballot now?  (I saw the revised PAG memo that will go to the Members, and it looks good to me.)

You made one point on the CABF call – you were concerned that if we proceed with the ballot now (and eliminate “any other method”), and then it turns out that all validation methods are covered by (currently undisclosed) patents, we could be in trouble.  I don’t think that’s a realistic threat for a couple of reasons.

First, Methods 1-6 remain virtually unchanged, and have been used for years without anyone claiming IP on them.  It’s pretty unlikely IP claims will pop up after “any other method” is dropped.

Second, even if Methods 7-9 are covered by IP, no one has to use those methods – we can stick with Methods 1-6 as in the past.  We may get voluntary disclosure based on the PAG, and maybe IP holders will tell the Forum they will not block use by others – we will see.

As to Methods 7 and 8 in particular – it’s hard to see how anyone could have enforceable IP that relates to adding a Random Value to a DNS record, or controlling an IP address for an A or AAAA record…

Finally, suppose one or more companies do assert broad IP rights over one or many validation methods?  If it’s truly a crisis for CAs, the Forum can respond very quickly (a ballot can be completed in about two weeks) either to add back “any other method” so CAs can make changes to avoid infringement, or even better, can modify the validation method where IP is asserted to be broader and allow non-infringing workarounds by CAs to avoid the problem.  (That’s the function that some people have assigned to current Method 7 – any other method – something that allows a CA to modify a method to avoid infringement if an infringement claim pops up.  I don’t think that situation has ever arisen.)  We can also add other validation methods by future ballot as well.

There seems to be no real opposition to the ballot as drafted, and we won’t really have a complete and binding solution to our IPR situation for months – so I’d say let’s proceed with the ballot in the near future.

We can discuss on our call tomorrow.

Kirk



TREND MICRO EMAIL NOTICE

The information contained in this email and any attachments is confidential

and may be subject to copyright or other intellectual property protection.

If you are not the intended recipient, you are not authorized to use or

disclose this information, and we request that you notify us by reply mail or

telephone and delete the original message from your mail system.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/validation/attachments/20150923/400eedae/attachment.html

More information about the Validation mailing list