[gnso-rds-pdp-wg] Use case for WHOIS/RDP

Greg Shatan gregshatanipc at gmail.com
Tue Aug 16 18:54:57 UTC 2016 

On Tue, Aug 16, 2016 at 12:02 PM, Rob Golding <rob.golding at astutium.com>
wrote:

> > As to alternatives, your suggestions regarding using contact info on
> websites won't work in a vast number of cases,
> > because the certificate is often acquired before the website goes live
>
> I have never known a CA issue an EV certificate without requiring that
> there be a website, with the correct (requestors) contact information on it
> (and that contact information matches a-n-other 3rd party system like the
> utility)
>
> Internet != Web of course (and we've organised plenty of certificates
> where there isn't and never is expected to be a website but the encryption
> is still necessary)
>

​GS: Agreed, then -- there are some cases where a website needs to be live,
and many others where the website is not live first or no website is
intended for the use (e.g., an email only use).​

>
> > On top of that, there's no support for an assumption that websites will
> have contact info on them, in those cases (e.g.., renewal) where the site
> is live.
>
> It's a legal requirement in some jurisdictions, and at least 2 CAs I've
> obtained certificates from check the sites at least at SSL order time (and
> as they expire does mean periodic rechecks)
>

​GS: That's consistent with my statement.  Since it's only in some
jurisdictions, it's nothing we could depend on as a general matter.​


>
> > I am unaware of any report that shows sales data related to SSL/TLS certs
>
> Ironically, as the expiry date etc in an SSL Cert is "public", certificate
> holders face growing numbers of targeting phishing scams following the
> "fake renewal notice" methodology that has plagued domain Registrants for
> years (due to domain data being "public")
>
> Rob
>
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160816/a74e14ec/attachment.html>

More information about the gnso-rds-pdp-wg mailing list