There are at least two easily available mechanisms to ensure this: 1. As active participants in the discussion, one should presume that representatives of a given CA are actively watching discussions which involve them and that they themselves would call attention to any unauthorized statements purported to have been made by them.
2. In the presence of extraordinary claims at any point, one could always reach out to their official contact points to confirm the legitimacy and content of assertions made in their name. In addition, at the end of the discussion, it's perfectly reasonable to send a summary to the official contact points for confirmation. On Thursday, December 15, 2022 at 12:19:22 PM UTC-6 [email protected] wrote: > > Fair enough, then what do you suggest we do to improve the security of > this process and actually ensure that e.g. [email protected] is indeed > SERPRO or BJCA.cn? > -- You received this message because you are subscribed to the Google Groups "public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/ccadb.org/d/msgid/public/4ca2f825-625f-4f62-a5c1-5dcd9a6e5caan%40ccadb.org.
