[cabf_validation] Draft Ballot to Remove IP "Any Other Method" Validation (SC7)

Wayne Thayer wthayer at mozilla.com
Fri Jan 18 11:16:17 MST 2019

Sort of. Tim said that DigiCert has used it in the past. No other CAs spoke
up on the call. Also, when we asked this question last February, GlobalSign
said that they use this method. Given that this method is defined in the
current BRs, I don't think leaving it in this ballot makes the situation
worse, so I'm inclined to stick with that approach.

Also, can I get one more endorser for this ballot (so far I have Doug)?



On Fri, Jan 18, 2019 at 11:02 AM Jacob Hoffman-Andrews <jsha at letsencrypt.org>

> On Fri, Jan 18, 2019 at 9:43 AM Wayne Thayer <wthayer at mozilla.com> wrote:
>> keep (for now) the reverse-lookup method despite you concerns being
>> shared by others. The intent of this ballot is to replace "any other
>> method" with explicit methods that are in use today, and we believe that
>> the reverse-lookup method is in use.
> This makes sense, but do we have a list of CAs that currently use
> reverse-lookup? I'd like to be clear about whether we know specific CAs use
> this or are just being cautious to avoid failing the ballot at the last
> minute if someone pops up saying they use it.
> Thanks,
> Jacob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20190118/a77fb4aa/attachment-0001.html>

More information about the Validation mailing list