Comodo CA votes YES
Rich Smith
Senior Compliance Manager
ComodoCA.com
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Tim Hollebeek
via Public
Sent: Friday, March 23, 2018 5:40 AM
To: CA/Browser Forum Public Discussion List
Subject: [cabfpub] Voting
Tim,
I can take methods 2-4.
Regards,
Rich
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Tim Hollebeek
via Public
Sent: Tuesday, February 6, 2018 10:45 AM
To: CA/Browser Forum Public Discussion List
Subject: [cabfpub] Seeking Volunteers!
I'm
I think Ryan and Kirk are both right. Ryan in that for effective review the
change must be reviewed and understood as part of the whole, Kirk in that
sending out the whole document without redlining the specific changes under
review also makes review more difficult. I propose that we change
Comodo CA votes YES on Ballot 218.
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Tim Hollebeek
via Public
Sent: Monday, January 29, 2018 3:52 PM
To: CA/Browser Forum Public Discussion List
Subject: [cabfpub] Voting begins: Ballot 218 version 2
I'm
My position is that you can't verify domain ownership because the registrars
by and large do absolutely nothing to verify the information input by the
registrants. What are you actually verifying? As such technical
demonstration of domain control is the best we've got. I liken it to the
old
Mads,
I appreciate you trying to save this method, but IMO there is nothing that
can be done to strengthen this method enough to protect it against social
engineering. Your proposal relies on the assumption that EVERY validation
agent of EVERY CA MUST have at least the same level of understanding
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dimitris
Zacharopoulos via Public
Sent: Friday, January 5, 2018 5:44 AM
--- BEGIN updated language for 3.2.2.4.1 ---
Confirming the Applicant's control over the FQDN by validating the Applicant is
the Domain Contact directly
Notwithstanding potential discussions to revamp this method, I stand by removal
at this time as it is currently dreadfully insecure and nowhere near equivalent
to the other methods.
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Doug Beattie via
Public
Sent: Wednesday,
I agree with Ryan on this and stand by my endorsement of this ballot to move
forward. I’m not opposed to adding 3.2.2.4.1 back in if it can be made much
more secure and brought up to equivalent level with the other methods, but I
also have my doubts as to whether or not that is possible in the
Matthias,
Please send me the details privately so that I can look into this for you.
This seems like a mistake on the part of whoever handled your request and
probably indicates a shortcoming in training.
Regards,
Rich Smith
Sr. Compliance Manager
Comodo
From: Public
Jeremy, I would also happily endorse a ballot removing both these methods.
-Rich
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via
Public
Sent: Tuesday, December 19, 2017 4:03 PM
To: Jeremy Rowley ; CA/Browser Forum Public
Comodo votes YES
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via
Public
Sent: Monday, October 16, 2017 6:58 PM
To: CA/Browser Forum Public Discussion List
Subject: [cabfpub] Voting has started on Ballot 207 - ASN.1 Jurisdiction in
EV Guidelines
If as a practice we are assigning ballot numbers to a ballot that does not yet
have a proposer and two endorsers we should stop that. It’s not officially a
ballot until that happens and throwing a number on a discussion topic, even one
which is in the form of a ballot, just causes confusion.
appen in an exception case.
On Fri, Sep 1, 2017 at 10:56 AM, Rich Smith via Public <public@cabforum.org
<mailto:public@cabforum.org> > wrote:
To follow up, first, I agree with Ryan that issuance w/out either registration
number or registration date is prohibited under current EVG t
To follow up, first, I agree with Ryan that issuance w/out either registration
number or registration date is prohibited under current EVG text.
I’d like to see us make some change to the Guidelines to address this because
I’ve come across several examples over the years where this has been
EVG 11.2.1 (1)(c) states:
(C) Registration Number: Obtain the specific Registration Number assigned to
the Applicant by the Incorporating or Registration Agency in the Applicant's
Jurisdiction of Incorporation or Registration. Where the Incorporating or
Registration Agency does not assign a
[mailto:public-boun...@cabforum.org] On Behalf Of Paul Hoffman via
Public
Sent: Monday, July 31, 2017 1:20 PM
To: CA/Browser Forum Public Discussion List <public@cabforum.org>
Subject: Re: [cabfpub] [Ext] Ballot 202 - Underscore and Wildcard Characters
On Jul 31, 2017, at 10:45 AM, Rich Smi
Hi Peter,
Overall, I like your suggestions, but could I ask that in definitions where you
refer to outside RFC definitions that you include those outside definitions
verbatim so that someone reading the BRs does not have to go scouring through
all the various RFCs? For example:
Change:
Peter,
You make good points. How about something along the lines of:
The CA SHALL NOT share the random value generated for methods 2 and/or 4 with
the Applicant via any other method, but the CA MAY accept that random value for
verification under methods 6, 7 and 10.
From: Public
I think the random value should simply be tied to a particular certificate
request and leave the rest up to the CA and the subscriber. More detailed
comments inline below.
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley
via Public
Sent: Tuesday, July 25, 2017
rect
issuance - https://cabforum.org/2016/02/12/ballot-161/ - which similarly
touched on a substantial discussion of these two words.
On Mon, Jul 17, 2017 at 11:49 AM, Rich Smith via Public <public@cabforum.org>
wrote:
> The BRs use the term misuse/misused in multiple places in regar
The BRs use the term misuse/misused in multiple places in regards to reasons
for revocation, and Subscriber representations, but do not define the term.
What constitutes misuse of a certificate? Phishing? Fraud? Or is it only
compromise of the private key or other action that results in
Comodo votes Yes on Ballot 204
Regards,
Rich Smith
Senior Compliance Manager
Comodo
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham
via Public
Sent: Monday, June 26, 2017 7:18 AM
To: CABFPub
Subject: [cabfpub] Ballot 204: Forbid DTPs
Comodo votes Yes.
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via
Public
Sent: Sunday, June 25, 2017 4:53 PM
To: CA/Browser Forum Public Discussion List
Subject: [cabfpub] Voting has started on Ballot 192 - Notary revision
Voting ends the
Should we put this forth as a ballot? Anyone who might have reason that we
should go the other way can bring it up in the discussion period.
From: Ryan Sleevi [mailto:sle...@google.com]
Sent: Wednesday, June 21, 2017 9:30 AM
To: Gervase Markham
Cc: Rich Smith
If I’m not mistaken, Gerv is saying, rather than update a bunch of text in
other places, how about changing the name back to Baseline Requirements for the
Issuance and Management of Publicly-Trusted Certificates.
Gerv, if that is correct, I second the motion.
-Rich
From: Public
Ryan,
I’m not sure I see the point of hearing from those who have had no difficulty
with our past timetables. If they had no difficulties, then it seems, for
them, our processes and timetables were perfectly acceptable, so what is it
that we might learn from them, at least at this stage? I
I’m generally not in favor of things such as this because in my view it
shouldn’t need to be stated that one should engage with ones’ fellow humans
with respect, dignity and a modicum of decorum. That said, further comments
inline below.
From: Public [mailto:public-boun...@cabforum.org] On
Comodo votes YES
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Chris Bailey via
Public
Sent: Sunday, April 2, 2017 3:27 PM
To: public@cabforum.org
Cc: Chris Bailey
Subject: [cabfpub] Ballot 194 – Effective Date of Ballot 193 Provisions
Comodo votes YES
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham
via Public
Sent: Monday, April 3, 2017 1:06 PM
To: CABFPub
Cc: Gervase Markham
Subject: [cabfpub] Ballot 196: Define "Audit Period"
Ballot 196 - Define
Comodo votes YES
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham
via Public
Sent: Monday, April 3, 2017 12:58 PM
To: CABFPub
Cc: Gervase Markham
Subject: [cabfpub] Ballot 195: CAA Fixup
Ballot 195 - CAA Fixup
Purpose
Comodo votes YES
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dimitris
Zacharopoulos via Public
Sent: Wednesday, April 5, 2017 2:47 AM
To: public@cabforum.org
Cc: Dimitris Zacharopoulos
Subject: [cabfpub] Ballot 189 (revised) - Amend Section 6.1.7 of
Would modifying Ben’s proposed wording to this resolve the issue?
This field is also optional if the organization is uniquely identifiable by
registration in a X.500 directory which has been adopted by the national
government in the same jurisdiction as the organization, and which does not
Ryan, Ben’s wording states that the registry is at the national level, so
rather than talking about Jurisdiction A and B, the labels are correctly
Country A and Country B, therefore even if every other field in the registries
were the same the C field will always be unique to the particular
You can make the move to hard fail any time you like.
-Original Message-
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase
Markham via Public
Sent: Friday, March 10, 2017 6:37 AM
To: Kirk Hall ; CA/Browser Forum Public
Discussion List
Comodo votes YES
On 1/25/2017 9:27 AM, Kirk Hall via Public wrote:
Voting has started on Ballo3 183, and continues through Tuesday,
January 31, 2017 at 22:00 UTC. Please vote via the Public list.
*B**allot 183 – Amending the Bylaws to Clarify the Ballot Approval
Process*
*//*
The
36 matches
Mail list logo