Section 3.2.2 of the SBR references the TLS BR for domain validation.
A proposed TLS ballot would introduce a new requirement for Multi-perspective Domain Validation to reduce the likelihood that routing attacks (e.g., BGP hijacking) can result in fraudulently issued certificates. See a version of the proposed changes at https://github.com/cabforum/servercert/pull/487/files
Some of these changes are outside the sections currently "pulled in" by the SBR (for example in the new section 3.2.2.9 of the draft above), so edits would need to be made to the SBR to ensure appropriate coverage.
srdavidson
commented
1 month ago
Section 3.2.2 of the SBR references the TLS BR for domain validation.
A proposed TLS ballot would introduce a new requirement for Multi-perspective Domain Validation to reduce the likelihood that routing attacks (e.g., BGP hijacking) can result in fraudulently issued certificates. See a version of the proposed changes at https://github.com/cabforum/servercert/pull/487/files
Some of these changes are outside the sections currently "pulled in" by the SBR (for example in the new section 3.2.2.9 of the draft above), so edits would need to be made to the SBR to ensure appropriate coverage.