On 17/05/17 18:04, Ryan Sleevi via Public wrote: > I totally appreciate that sentiment, but you realize one area of the > concern and issues has been the proposal - made by Kirk, Gerv, and > Jeremy - to allow the reuse of insecurely-validated domain names.
This is why I am proposing this. Not because I like it, but because CAs have not kept records of which method was used, any per-method variance would require them to redo all validations. (And I'm not up for requiring every CA to redo every validation, either, and it wouldn't pass even if I was.) So we sigh, grandfather everything in one last time, and make it a requirement that CAs record the method used so that in future, we can do method-specific rules. What's the alternative proposal, given that many or most CAs can't do per-method rules right now? Gerv _______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
