[cabf_validation] WG Minutes for June 1

Jeremy Rowley jeremy.rowley at digicert.com
Tue Jun 13 15:26:41 MST 2017


Attendees: Peter, Wayne, Kirk, Ben, Tim, Li Chun, Rick, Jeremy, Bruce, Rich

 

1.	Notary Clarification - Ready to go. Just waiting to hear back from
Doug on endorsement. 
2.	5280 Ballot (underscores) - Peter suggested two changes. Turn
wildcard domain name into defined term and clarify that they can only be
used where hyphens are allowed.
3.	190 - Pushing to get it implemented before the Mozilla date. Jeremy
explained his concern that it's not clear on how sub domains are
revalidated. Previously, wildcards and subdomain validation was done using
"Any Other". Removing any other before fixing the language could raise an
argument this is no longer allowed. The criteria becomes auditable once it
is part of the BRs. Adding it to your CPS makes it auditable as well.
However, adding it to your CPS allows you to form it in your interpretation.
Kirk will take a look and circulate a final version of 190
4.	ASN.1 - Technical specification is not clear. Peter will review and
get back to the WG afterwards. Jeremy will circulate draft.
5.	Liability limitations - Cannot limit liability to less than $2000
per subscriber. Change it to require caps to be disclosed in CPS. Ben
thought we should keep the existing language.  But we should add a note
acknowledging what CAs do today (cap liability).  Proposals: a) Aggregate
cap in CPS, b) Aggregate cap per cert, c) Aggregate cap for the CA

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20170613/905fbb50/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4964 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/validation/attachments/20170613/905fbb50/attachment.bin>


More information about the Validation mailing list