Hi all - sharing the draft text for "language improvements in EVGs regarding automation":
https://github.com/cabforum/servercert/compare/main...chrisbn:servercert:imp rove-evg-automation-issue-467 Any feedback is greatly appreciated. Christophe From: Christophe Bonjean Sent: Thursday, November 2, 2023 2:18 PM To: [email protected] Subject: Discussion on improvements for automation in the context of EV certificates Hi all, As a forum, without a doubt one of our goals is to consider areas of automation. In this context, we believe that there are a few areas where the language of the EV Guidelines is ambiguous, and this ambiguity may unnecessarily hinder the goal of automation. A few areas that we want to highlight: Due diligence requirement and how it relates to automated processes like domain validation All the verification processes and procedures are subject to review by someone who is not responsible for the collection of the information. Does this requirement make sense for elements like domain validation which can be completely automated? What is the added value of making the automated domain validation subject to the review by a person? Delegation of the final cross-correlation to Enterprise RA What exactly is in scope of this delegation? How does it differ from the role of a Certificate Approver? We would like to see if there's an opportunity and appetite to clarify some of the language surrounding these topics. Could this possibly be added to the agenda? Christophe
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Validation mailing list [email protected] https://lists.cabforum.org/mailman/listinfo/validation
