On 12/30/2008 03:24 PM, Kai Engert:
As I see verification as the core intention of the CA principle, I would
have assumed above requirement is obvious to everyone, at least to CAs
themselves.
One of Comodo's CPS (the one responsible for PositiveSSL) claims:
To validate PositiveSSL and PositiveSSL Wildcard Secure Server
Certificates, *Comodo* checks that the Subscriber has control.....
....and the use of generic e-mails which ordinarily are only
available to person(s) controlling the domain name administration, for
example, webmaster@ . . ., postmaster@ . . ., admin@;
However the general CPS says something else. See other thread "Facts
about Comodo Resellers and RAs".
Nevertheless I believe that most CAs indeed take domain validation
seriously. CAs must provide confirmation concerning that during
inclusion requests. Comodo has not disclosed what I found now. As such
there is no backdoor.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
