[cabf_validation] Simpler language for 3.2.2.4.6

Doug Beattie doug.beattie at globalsign.com
Mon May 14 12:02:00 MST 2018


Since a meta-tag is within a file (html file), can’t we remove “or on a web page in the form of a meta tag one of the following”?

"Confirming the Applicant's control over the requested FQDN by confirming the presence of a Request Token or Random Value contained in the content of a under the "/.well‐known/pki‐validation" directory, or another path registered with IANA for the purpose of Domain Validation, on the Authorization Domain Name that is accessible by the CA via HTTP/HTTPS over an Authorized Port."

From: Validation [mailto:validation-bounces at cabforum.org] On Behalf Of Dimitris Zacharopoulos via Validation
Sent: Monday, May 14, 2018 2:39 AM
To: Ryan Sleevi <sleevi at google.com>; CA/Browser Forum Validation WG List <validation at cabforum.org>
Subject: Re: [cabf_validation] Simpler language for 3.2.2.4.6

On 14/5/2018 4:37 πμ, Ryan Sleevi wrote:
Could you give a sense of what was found confusing, so as to help spark possible ideas?

Simplification isn't necessarily a good goal - simplification hides necessary complexity - but making it more understandable is reasonable.

This requirement seems very similar to other forms of technical requirements in the BRs, so was there anything particular that stood out?

I think it is more of a complex English language issue. The part in bold sounds very strange to me.

"Confirming the Applicant's control over the requested FQDN by confirming the presence of a Request Token or Random Value contained in the content of a file or on a web page in the form of a meta tag one of the following under the "/.well‐known/pki‐validation" directory, or another path registered with IANA for the purpose of Domain Validation, on the Authorization Domain Name that is accessible by the CA via HTTP/HTTPS over an Authorized Port."


I made an attempt to make the language easier to read and more understandable, while -hopefully- keeping the technical requirements intact.

"Confirming the Applicant's control over the requested FQDN by confirming the presence of a Request Token or Random Value contained:

  1.  in the content of a file; or
  2.  on a web page in the form of a "meta tag" (BTW, let's introduce some RFC references for the definition of "meta tag")
This file or web page MUST be accessible under the "/.well‐known/pki‐validation" directory, or another path registered with IANA for the purpose of Domain Validation, on the Authorization Domain Name that is accessible by the CA via HTTP/HTTPS over an Authorized Port."

Improvements are always welcome.


Dimitris.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20180514/428ca115/attachment.html>


More information about the Validation mailing list