You’re right and there is a proposal to do exactly that. It will be discussed on the VWG today if you want to join. We do need a more formal and rigorous evaluation of the risks and vulnerabilities inherent in the use of each validation method.
-Tim Intuitively, these methods were proved to be the "weakest" among the other methods, even though there are known vulnerabilities for almost all of them (including DNS/routes hijacking, etc). The validation working group should discuss more about the threats of each method (and how to formalize the level of assurance) in case a similar discussion about the other methods is brought forward.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
