On Wed, Feb 22, 2017 at 7:35 PM, Richard Wang via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > As I understand, the BR 4.2.1 required this: > > “The CA SHALL develop, maintain, and implement documented procedures that > identify and require additional verification activity for High Risk > Certificate Requests prior to the Certificate’s approval, as reasonably > necessary to ensure that such requests are properly verified under these > Requirements.” > > Please clarify this request, thanks.
Richard, That sentence does not say that domain names including "apple", "google", or any other string are High Risk Certificate Requests (HRCR). I could define HRCR as being those that contain domain names that contain mixed script characters as defined in UTS #39 section 5.1. "apple-id-2.com" is not mixed script so it is not a HRCR based on this definition. Thanks, Peter _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy