On Wednesday, April 25, 2018 at 1:28:43 PM UTC+2, Buschart, Rufus wrote:
> Hi Ryan!
>
> The "multiple perspective validations" is an interesting idea. Did you think
> about combining it with CAA checking? I could imagine having a new tag, e.g.
> "allowedMethods", in which the legitimate owner of a domain can specify the
> set of allowed methods to validate his domain. As an example the value
> "(3.2.2.4.1 AND 3.2.2.4.5) OR 3.2.2.4.9" in the new "allowedMethods" tag
> could mean, that a certificate may only be issued, if two validations acc.
> 3.2.2.4.1 and 3.2.2.4.1 were successful or if one validation acc. 3.2.2.4.9
> was successful. Any other method of validation would be not allowed. I see
> here the benefit, that the owner of a domain can choose how to verify
> according to his business needs and select the appropriate level of security for
> his domains.
>
> With best regards,
> Rufus Buschart
>
Multiple perspectives is useful when relying on any insecure third-party resource; for example DNS or Whois. This is different than requiring multiple validations of different types; an attacker that is able to manipulate the DNS validation at the IP layer is also likely going to be able to do the same for HTTP and Whois.

Ryan
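For readers following the thread, here is how a CA-side check of the proposed value could look. This is an added example, not code from either poster or from any CA: the "allowedMethods" tag exists only as the proposal quoted above, and the grammar, the AND-over-OR precedence, the fail-closed handling and all function names are assumptions.

```python
import re

# Hypothetical grammar for the proposed "allowedMethods" value (an assumption):
#   expr := term ("OR" term)* ; term := atom ("AND" atom)* ; atom := METHOD | "(" expr ")"
TOKEN = re.compile(r"\s*(\(|\)|AND\b|OR\b|\d+(?:\.\d+)+)")

def tokenize(value):
    tokens = TOKEN.findall(value)
    # Every non-space character must belong to a recognised token.
    if "".join(tokens) != re.sub(r"\s+", "", value):
        raise ValueError("unrecognised token in policy")
    return tokens

def evaluate(value, passed):
    """True if the set of successfully completed methods satisfies the policy."""
    tokens, i = tokenize(value), 0

    def atom():
        nonlocal i
        tok = tokens[i] if i < len(tokens) else None
        i += 1
        if tok == "(":
            result = expr()
            if tokens[i:i + 1] != [")"]:
                raise ValueError("missing ')'")
            i += 1
            return result
        if tok is None or tok in ("AND", "OR", ")"):
            raise ValueError(f"unexpected {tok!r}")
        return tok in passed  # a method number: did that validation succeed?

    def chain(operand, keyword, combine):
        nonlocal i
        results = [operand()]  # parse every operand, no short-circuiting
        while i < len(tokens) and tokens[i] == keyword:
            i += 1
            results.append(operand())
        return combine(results)

    def term(): return chain(atom, "AND", all)
    def expr(): return chain(term, "OR", any)

    result = expr()
    if i != len(tokens):
        raise ValueError(f"trailing token {tokens[i]!r}")
    return result

def issuance_allowed(value, passed):
    try:
        return evaluate(value, set(passed))
    except ValueError:
        return False  # fail closed: an unparseable policy permits nothing
```

A policy of this kind only constrains which methods count; as the reply above points out, it does not by itself protect against an attacker who can manipulate several methods from the same network position.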

