On Tue, 17 Sep 2024 07:21:28 +0000 Adriano Santoni via Servercert-wg <[email protected]> wrote:
> I believe that the /interactive > /query of the domain registrar, directly on its website, can be > considered reliable to the extent that the CA is confident that it is in > fact consulting the "right" website. CAs were not consulting the right WHOIS server, despite a database of correct WHOIS servers existing (at least for gTLDs). How would the problem be better when it comes to finding the "right" website? The gTLD registry agreement requires gTLD operators to update the IANA Rootzone Database when their WHOIS server changes; I don't see a similar requirement for keeping a database of website URLs up-to-date. Regards, Andrew _______________________________________________ Servercert-wg mailing list [email protected] https://lists.cabforum.org/mailman/listinfo/servercert-wg
