[cabf_validation] Onion Proposal

Jacob Hoffman-Andrews jsha at letsencrypt.org
Thu Dec 19 14:17:36 MST 2019


Thanks for moving this forward.

My colleague Roland Shoemaker pointed out that this proposal introduces the
term "Verified Method of Communication," which is only defined in the
EVGLs, not the BRs. There's a similar definition in the BRs:

Reliable Method of Communication: A method of communication, such as a
postal/courier delivery address, telephone number, or email address, that
was verified using a source other than the Applicant Representative.

However, this is only used in the context of establishing Subject Identity
Information to be included in the certificate. For certificates without
Subject Identity Information, this is probably not necessary; that is,
proof of control of the private key corresponding to the Onion address is
sufficient on its own, so communication could be established, e.g. through
an API account created by the Applicant Representative.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20191219/cce2bc1b/attachment.html>


More information about the Validation mailing list