I quoted that from the Baseline Requirements but I do not see it defined anywhere.
> On Feb 4, 2018, at 1:03 PM, Moudrick M. Dadashov <m...@ssc.lt> wrote: > > Hi Peter, > > Is the "right to use" (in p. 1) defined somewhere? > > Thanks, > M.D. > > On 2/4/2018 9:19 PM, Peter Bowen via Public wrote: >> There has been a lot of discussion of which validation methods are >> acceptable and meet the bar for issuance of a certificate but I've not seen >> anyone clearly state the requirements for issuance. I think it is important >> we agree on what is being certified before we try to fix the validation >> process any further. Without doing so, there is no way to reasonably judge >> the effectiveness of any method. >> >> Section 9.6.1 of the BRs is the closest I could find to spelling out exactly >> what is being certified. Reading that, it looks like the following is true: >> >> The issuer named in the certificate, as of the issuance date, certified that: >> >> 1) the Applicant either had the right to use, or had control of, the Domain >> Name(s) and IP address(es) listed in the Certificate’s subject field and >> subjectAltName extension or, in the case of Domain Names, was delegated such >> right or control by someone who had such right to use or control, and >> >> 2) the natural person, device, system, unit, or Legal Entity identified in >> the Certificate as the Subject authorized the issuance of the Certificate, >> and >> >> 3) the Subject is either the Applicant or a device under the control and >> operation of the Applicant, and >> >> 4) that the natural person or human sponsor who was either the Applicant, >> employed by the Applicant, or an authorized agent who had express authority >> to represent the Applicant was authorized to request the Certificate on >> behalf of the Subject, and >> >> 5) the issuer verified the accuracy of all of the information contained in >> the Certificate (with the exception of the subject:organizationalUnitName >> attribute), and >> >> 6) the issuer followed procedures to reduce the likelihood that the >> information contained in the Certificate’s subject:organizationalUnitName >> attribute is misleading >> >> >> There may be other things certified, but these six things are required for >> all certificates, as I read the BRs. Do others agree? Should this list be >> longer or shorter? >> >> Thanks, >> Peter >> >> _______________________________________________ >> Public mailing list >> Public@cabforum.org <mailto:Public@cabforum.org> >> https://cabforum.org/mailman/listinfo/public >> <https://cabforum.org/mailman/listinfo/public> >
_______________________________________________ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public