Skip to Content.
Sympa Menu

cacert-sysadm - Re: [Cacert-sysadm] CAcert email address snafu

cacert-sysadm AT lists.cacert.org

Subject: CAcert System Admins discussion list

List archive

Re: [Cacert-sysadm] CAcert email address snafu


Chronological Thread 
  • From: "Sam Johnston" <samj AT samj.net>
  • To: IanG <iang AT cacert.org>
  • Cc: CAcert System Administrators <cacert-sysadm AT lists.cacert.org>
  • Subject: Re: [Cacert-sysadm] CAcert email address snafu
  • Date: Fri, 29 Aug 2008 12:37:10 +0200
  • List-archive: <http://lists.cacert.org/pipermail/cacert-sysadm>
  • List-id: CAcert System Admins discussion list <cacert-sysadm.lists.cacert.org>

On Fri, Aug 29, 2008 at 12:25 PM, IanG <iang AT cacert.org> wrote:

> Perhaps but this doesn work for many domains and would likely be
> unreliable.

we can resolve this difficulty by using "USER CHOICE."  It
works this way:

We create a range of possibilities for the member to choose
how to establish a good claim of control or ownership.  The
user selects from this choice.  If the user can use the
first one, they do.  If the second, that also is available.
 If the third is better, they choose that...

...and our security is limited to the weakest of the options.
 
The current method has flaws.  The method I suggest has
flaws.  The method you suggest has flaws.  Provide them all
and get some confidence from a couple of them, combined!

...or require them to do 'a couple of them' (eg update WHOIS /and/ create CNAME) and you raise the bar too far unnecessarily.

Sam




Archive powered by MHonArc 2.6.16.

Top of Page