[cabf_validation] Multi-Perspective Issuance Corroboration Updates

Ryan Dickson ryandickson at google.com
Mon Aug 21 16:17:46 UTC 2023 

Hi everyone,

At the last Validation Subcommittee meeting (August 10), we shared a few
updates related to our continued efforts in drafting requirements related
to Multi-Perspective Issuance Corroboration (formerly known as
“Multi-Perspective Domain Validation”). Below is a summary to amplify those
updates and help carry the effort’s momentum forward.

Recent Updates:

   -

   The latest version of the draft requirements is located here
   <https://github.com/ryancdickson/staging/pull/8/files> (this is a
   comparison against the approved version of SC-63).
   -

   Comments made against the first version
   <https://github.com/ryancdickson/staging/pull/6> were addressed in a
   separate (second
   <https://github.com/ryancdickson/staging/tree/require-mpdv-v2>) branch
   to help highlight changes across versions. A diff between the current and
   first version is located here
   <https://github.com/ryancdickson/staging/compare/require-mpdv-v1..ryancdickson:staging:require-mpdv-v2?expand=1>
   .
   -

   Changes (from V1 to V2) include:
   -

      “Multi-Perspective Domain Validation” -> “Multi-Perspective Issuance
      Corroboration” to better frame that CAA checks are also expected to take
      place from multiple Network Perspectives.
      -

      Permit re-use of CAA determinations made from Network Perspectives to
      reduce unintended operational burden on implementers. The researchers
      shared some additional context re: the value of checking CAA
from multiple
      perspectives here
      <https://github.com/ryancdickson/staging/pull/6#discussion_r1254840892>
      .
      -

      Updated how we defined geographic diversity requirements (from
      continental boundaries to Regional Internet Registry boundaries).
      -

      Streamlined and simplified the quorum requirements table and
      implementation timeline.
      -

      Minor clean-ups and language improvements to promote simplicity and
      consistency.


Next Steps:

   -

   Host Ad-hoc Meeting [action requested by September 1] - Rather than
   continuing to await the conclusion of the IPR signature process, we’d be
   happy to host an ad-hoc meeting of the “Multi-VA Work Team
   <https://docs.google.com/document/d/1Vg8qwH_slheGofmj-lKt0P-bMNezlML3n89g8dSVSGo/edit>”
   established after F2F 58 to allow members of this community to ask
   questions or clarifications in a forum which the Princeton researchers can
   readily participate in. Let us know if you’re interested by September 1st,
   and we’ll work with the researchers and interested parties to identify a
   meeting date and time. Our goal for the ad-hoc meeting is to avoid losing
   the momentum started at F2F 58 as we await completion of the IPR process.
   -

   Collect Feedback [action requested by September 15] - We’re actively
   seeking feedback on the proposal from members of this community.
   -

      Good: Share feedback via email.
      -

      Better: Add comments to the Pull Request
      <https://github.com/ryancdickson/staging/pull/8>.
      -

      Best: Add suggested edits addressing concerns directly to the Pull
      Request <https://github.com/ryancdickson/staging/pull/8>.
      -

   Collect Endorser(s) - We have one endorser for the proposal (Aaron
   Gable, Let’s Encrypt). Let us know if you’d be interested in endorsing the
   ballot as we look to move into a discussion period.


Thanks,

Ryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20230821/8bc97e8f/attachment.html>

More information about the Validation mailing list