On Thu, Jan 11, 2018 at 7:52 PM, James Burton <[email protected]> wrote:
> *The Baseline Requirements, Section 4.9.1.1, requires that the CA revoke > if:* > *6. The CA is made aware of any circumstance indicating that use of a > Fully-Qualified Domain Name or IP* > *address in the Certificate is no longer legally permitted (e.g. a court > or arbitrator has revoked a Domain Name* > *Registrant’s right to use the Domain Name, a relevant licensing or > services agreement between the Domain* > *Name Registrant and the Applicant has terminated, or the Domain Name > Registrant has failed to renew the* > *Domain Name); * > > It would be great if one or more of the CAs here could provide me with > some yearly statistics of certificates revoked due to these circumstances > listed above. > > *In order to do something as you propose, it must be possible to determine > the domain registration period. How do you propose to do that consistently > for all domains? (It's not actually available consistently).* > > All registries must provide a whois/status service, so determining the > domain registration period is as simple as hot knife going through butter. > While true for ICANN-contracted TLDs, there are TLDs beyond those - such as ccTLDs. That's what I was referring to, as it was recently discussed in the Forum regarding 3.2.2.4.1 methods of validation, and is (as some members noted), part of why 3.2.2.4.1 exists.
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
