SSL.com votes YES.
csk
On 9/12/2017 5:23 PM, Kirk Hall via Public wrote:
Voting has started on Ballot 190 as proposed on Sept 5 (see bottom of
this message, and attachments), as amended by my email from Sept. 11
(see immediately below). Voting runs through Sept. 19 at 18:00 UTC.
Entrust votes yes.
*From:* Public [mailto:[email protected]] *On Behalf Of
*Kirk Hall via Public
*Sent:* Monday, September 11, 2017 6:01 AM
*To:* CA/Browser Forum Public Discussion List <[email protected]>
*Subject:* [EXTERNAL][cabfpub] Two amendments to Ballot 190
The proposer and endorsers are making two minor amendments to Ballot
190 as follows.
1) In BR 3.2.2.4.6 "Agreed-Upon Change to Website", the current draft
Version 8 still has the typo "Request Value" that crept in sometime
around BR 1.4. It should be "Random Value". *_Accordingly, BR
3.2.2.4.6 in Ballot 190 is changed to read as follows:_*
*3.2.2.4.6 Agreed-Upon Change to Website*
Confirming the Applicant's control over the FQDN by confirming one of
the following under the "/.well-known/pki-validation" directory, or
another path registered with IANA for the purpose of Domain
Validation, on the Authorization Domain Name that is accessible by the
CA via HTTP/HTTPS over an Authorized Port:
1.The presence of Required Website Content contained in the content of
a file. The entire Required Website Content MUST NOT appear in the
request used to retrieve the file or web page, or
2.The presence of the Request Token or /Request/ *_Random_* Value
contained in the content of a file where the Request Token or Random
Value MUST NOT appear in the request. ***
2) In Version 8 of BR 3.2.2.4.7, "DNS Change", the current language says:
"Confirming the Applicant's control over the FQDN by confirming the
presence of a Random Value or Request Token _for either_ in a DNS
CNAME, TXT or CAA record _for either_ 1) an Authorization Domain Name;
or 2) an Authorization Domain Name that is prefixed with a label that
begins with an underscore character."
Note that "for either" appears twice in the sentence, and we think the
first occurrence should be deleted. *_Accordingly, BR 3.2.2.4.7 in
Ballot 190 is changed to read as follows:_*
*3.2.2.4.7 DNS Change*
Confirming the Applicant's control over the FQDN by confirming the
presence of a Random Value or Request Token /for either/ in a DNS
CNAME, TXT or CAA record for either 1) an Authorization Domain Name;
or 2) an Authorization Domain Name that is prefixed with a label that
begins with an underscore character.
Voting on Ballot 190 will begin tomorrow, and the text has been
changed as shown above.
***
*From:* Public [mailto:[email protected]] *On Behalf Of
*Kirk Hall via Public
*Sent:* Tuesday, September 5, 2017 10:52 AM
*To:* CA/Browser Forum Public Discussion List <[email protected]>
*Subject:* [EXTERNAL][cabfpub] Ballot 190 - Discussion Period is starting
As agreed on our CABF teleconference last week, we are starting the
formal discussion period for Ballot 190 (in this case, v8). I have
attached the ballot in two formats and in three modes.
The title of the actual ballot to be voted on uses all capital letters
“BALLOT 190 v8 (9-5-2017)”. I also attach a version that includes
some explanatory comments, and a “clean” version showing how the BRs
will read if Ballot 190 v8 is adopted “Ballot 190 v8 (9-5-2017)
(showing BRs if adopted)”.
The discussion period ends Sept. 12 at 18:00 UTC, and the voting
period runs Sept. 12-19.
This version 8 is based on the prior version 7, but includes a limited
number of changes as outlined in emails among me, Ryan, and Doug on
Aug. 29-30.
We are almost there! Thanks to everyone who has worked on this effort
over the past two years. Assuming Ballot 190 passes, the Validation
Working Group can then start work on further amendments as outlined in
my prior emails.
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
--
Chris Kemmerer
Manager of Operations
SSL.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~ To find the reefs, look~~~~~~~~
~~~~ for the wrecks. ~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
