CA/Browser Forum Members,
I would like to invite you to consider who you may know who would be a valuable addition to the domain validation security analysis. It would be great if we could get participation from a wide variety of people who don't normally participate in CA/Browser discussions. As a reminder, we are going to be discussing topics like the following: 1. What is domain control/domain ownership/IP validation/validation of authorization intended to validate? 2. How is validation typically done, for each method? Are there any vulnerabilities? Can they be fixed? This is already an ambitious agenda, so we are looking for participants who can participate in an intelligent, constructive conversation without going off on too many tangents or descending into too many ratholes. I'll be doing my best to keep us on topic and moving forward. It would be particularly helpful to have participants who have experience in the following areas: 1. Real-world experience with the validation procedures as they are currently practiced by public certificate authorities 2. Experience with threat modeling, analyzing a variety of protocols, or other methods for rigorously analyzing processes and procedures for potential vulnerabilities 3. Deep technical expertise related to how validation-related technologies perform and/or fail in the real world (DNS, WHOIS, Domain Registrars, Reverse IP lookup, and so on) 4. Technical challenges that prevent various validation methods from being usable by a significant fraction of certificate applicants, and thus drive users towards less desirable methods 5. Automation of validation protocols (i.e. ACME) We will be collecting lists of participants and doing what we can to allow them to participate. In preparation for the March 6th meeting, we would ask that prospective participants be willing to participate in a special meeting of the Validation Working Group on Thursday, March 1st, 11 am Eastern Time. -Tim
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
