gh an appropriate
> and readily accessible online means that is available on a 24x7 basis. The
> CA is also REQUIRED to publicly disclose its CA business practices as
> required by WebTrust for CAs and ETSI TS 102 042 and ETSI EN 319 411-1.
> The disclosures MUST be structured in accordance with
or
> RFC 3647."
>
>
>
> With the following:
>
>
>
> "Each CA MUST publicly disclose its Certificate Policy and/or
> Certification Practice Statement through an appropriate and readily
> accessible online means that is availab
Hi Kirk,
As mentioned previously, these Review Notices don't comply with Section
2.4(e) of the Bylaws and our IPR Policy, Section 4.1
As per https://cabforum.org/wp-content/uploads/CABF-IPR-Policy-v.1.2.pdf
Prior to the approval of a CAB Forum Draft Guideline as a CAB Forum Final
Guideline or
OATI Abstains on Ballot 218 version 2.
Thanks
With kind regards,
Patrick Tronnier
Principal Security Architect &
Sr. Director of Quality Assurance & Customer Support
Phone: 763.201.2000
Direct Line: 763.201.2052
Open Access Technology International, Inc.
3660 Technology Drive NE, Minneapolis,
SSL.com votes Yes on Ballot 218 version 2.
Regards,
Fotis
On 29/01/2018 11:51 μμ, Tim Hollebeek via Public wrote:
>
>
> I’m highly skeptical that discussing this for another month will change
> anybody’s minds. It has already been discussed for over a month,
> including at three validation
You’re right and there is a proposal to do exactly that. It will be discussed
on the VWG today if you want to join. We do need a more formal and rigorous
evaluation of the risks and vulnerabilities inherent in the use of each
validation method.
-Tim
Intuitively, these methods were
All currently approved Domain Validation methods provide some level of
assurance which is not easily quantifiable without calculating the risks
(vulnerabilities, threats) of each method. If we had a methodology to
quantify the assurance level of each method, we would be able to compare
them.
The