[cabf_validation] Ballot 190 Section 2

Doug Beattie doug.beattie at globalsign.com
Mon Apr 24 11:34:41 MST 2017


The "any other method"  still remains as a valid option and the problem outlined below is only when this method is removed, correct?  We basically need to grandfather in validation data collected under method 11 for some period of time.  Ryan does not want this to be 39 months for all the reasons he listed.
Is that the crux of the issue?
Doug


From: Validation [mailto:validation-bounces at cabforum.org] On Behalf Of Jeremy Rowley via Validation
Sent: Monday, April 24, 2017 1:37 PM
To: CA/Browser Forum Validation WG List <validation at cabforum.org>
Cc: Jeremy Rowley <jeremy.rowley at digicert.com>
Subject: [cabf_validation] Ballot 190 Section 2

Section 190 was withdrawn because of objections to Section 2 of the ballot:
"This provisions of Ballot Section 1 will apply only to the validation of domain names occurring after this Ballot 190's effective date.  Validation of domain names that occurs before this Ballot's effective date and the resulting validation data may continue to be used for the periods specified in BR 4.2.1 and EVGL 11.14.3 so long as the validations were conducted in compliance with the BR Section 3.2.2.4 validation methods in effect at the time of each validation."
Basically, the browsers would like a date when this cuts off so that old certificate validation data can't be reused. Any thoughts on how to reconcile?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20170424/f1c9df5a/attachment-0001.html>


More information about the Validation mailing list