Rob, That is good news, thanks. I'm looking forward to the additional information.
Doug > -----Original Message----- > From: Rob Stradling [mailto:[email protected]] > Sent: Thursday, February 23, 2017 6:23 AM > To: CA/Browser Forum Public Discussion List <[email protected]>; Doug > Beattie <[email protected]>; Ryan Sleevi <[email protected]>; > Phillip Hallam-Baker <[email protected]> > Subject: Re: [cabfpub] Ballot 187 - Make CAA Checking Mandatory > > On 22/02/17 22:40, Ryan Sleevi via Public wrote: > > On Wed, Feb 22, 2017 at 2:32 PM, Doug Beattie via Public wrote: > > > > Several people have looked at RFC 6844 and have come away with > > different interpretations of what the processing means, so I HIGHLY > > recommend we include the CAA processing that MUST be performed so > > there is no ambiguity and so it's clear for auditors. This includes > > statements like: > > > > > > Hi Doug, > > > > This is and remains problematic, and it doesn't seem the previous > > feedback was addressed. This is a bit like the recent remarks Virginia > > shared with offering interpretation of legal matters - while it's > > meant well, it introduces new problems. > > > > Perhaps you would consider filing IETF errata on what you think is > > unclear? I'm sensitive and appreciate the concern that technical > > documents may be hard to understand, I think RFC5280 and the > > (non-)compliance by CAs is ample evidence that no matter how > > unambiguous things are, people will misinterpret and misunderstand. > > Doug, Ryan, > > I fully agree that https://tools.ietf.org/html/rfc6844#section-4 is confusing > and needs to be revised. > > My understanding of the CAA algorithm has at times been flawed, even after > seeking clarification from Phill. If a document confuses even its authors, > then you know there's a problem! > > Last week Phill told me he would write an erratum for RFC6844 section 4 this > week. > > -- > Rob Stradling > Senior Research & Development Scientist > COMODO - Creating Trust Online _______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
