[cabfpub] Forbid DTPs from doing Domain/IP Ownership Validation ballot draft

Gervase Markham gerv at mozilla.org
Thu Apr 13 09:42:31 MST 2017


On 29/03/17 15:42, Gervase Markham via Public wrote:
> On 28/03/17 20:11, Peter Bowen wrote:
>> I think it would be good to clarify that this does not prevent using
>> contractors or third parties for domain validation, but rather requires
>> the CA not exclude it from their audit scope.  For example, a CA might
>> decide to use a service like https://www.whoisxmlapi.com/ to help get
>> and parse whois data.  This is clearly a third party involved in the
>> validation process.  The same would be true if the CA uses a service to
>> send emails.
>>
>> What is relevant is that the CA takes responsibility for the process.
> 
> Can you propose changes which would have this effect?

Discussion on the call today suggests that https://www.whoisxmlapi.com/
may or may not be a DTP.

Anyway, if you think changes are needed to meet this goal, please
propose them.

Gerv


More information about the Public mailing list