How are the concerns that were raised by Microsoft (copied below for
reference) addressed in this version? If the intent is for the language in
section 2.g(iv) to only apply to periodic, policy-driven password changes
and not to prevent event-driven changes, I think that should be clarified.
*
Greetings. I am interested in finding out which member CAs use each of the
methods listed in Section 3.2.2.4 of the BRs. I looked around the CABF web site
and could not find any such list, but could have missed it. If the CABF doesn't
keep such a list, does anyone know of an external researcher
On Thu, Jul 12, 2018 at 7:42 AM Paul Hoffman via Public
wrote:
> Greetings. I am interested in finding out which member CAs use each of the
> methods listed in Section 3.2.2.4 of the BRs. I looked around the CABF web
> site and could not find any such list, but could have missed it. If the
>
On Thu, Jul 12, 2018 at 10:22 AM Ryan Sleevi wrote:
> As you can know, providing information in a transparent and verifiable way
> tends to be a challenge, and in general, is unsuccessful within the
> CA/Browser Forum itself. However, it's also important to consider that the
> CA/Browser Forum
Adding the public list as discussed on the call.
Registrars and registries can and should implement masked contact
information that allows contact with the domain owner without privacy
concerns.
-Tim
From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of
Adriano
Adding the public list as discussed on the call.
-Tim
From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of
Adriano Santoni via Servercert-wg
Sent: Thursday, July 12, 2018 1:53 AM
To: servercert...@cabforum.org
Subject: Re: [Servercert-wg] Ballot SC3: Improvements
If you are interested in following the work of the Server Certificate Working
Group, you can subscribe here:
https://cabforum.org/mailman/listinfo/servercert-wg
If you subscribe, and after a while you notice that you are not receiving
emails sent to
I've proposed a ballot that would require validation methods to be
documented in publicly trusted certificates:
https://cabforum.org/pipermail/validation/2018-June/000917.html
And have since received some feedback and revised it:
https://cabforum.org/pipermail/validation/2018-June/000953.html
On Jul 12, 2018, at 12:51 PM, Wayne Thayer wrote:
> Paul- can explain your use case for this information? That might help us
> determine if the proposal is worth pursuing.
There are communities who use certificates who trust some BR-allowed methods
more than others. Some of the methods are