Adopted Ballot SC25 defining new HTTP domain validation methods

The CA/B Forum, the regulator in the SSL certificate industry, adopted Ballot SC25 by a majority vote. This ballot defines methods for HTTP domain validation.

According to the new requirement, method 6 (3.2.2.4.6) from the document “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” is considered to be discontinued. However, it will remain relevant during the transition period (3 months from the date of Ballot SC25 adoption). Subsequently, certification authorities will not be able to rely on this method when conducting domain validation.

Two new domain validation methods are also being introduced.

The first domain validation method is intended to replace the obsolete 3.2.2.4.6 method. A second method is required to describe ACME HTTP validation, as noted in section 8.3 of RFC 8555.

New methods for HTTP domain validation are available here: https://github.com/dougbeattie/documents/commit/bb90ff37c4bc043636229138d9923fcff670cdfc#diff-7f6d14a20e7f3beb696b45e1bf8196f2

Of particular interest are the new items:

• 3.2.2.4.18 - Agreed-Upon Change to Website v2
• 3.2.2.4.19 - Agreed-Upon Change to Website - ACME

Subscribe to our updates to stay up to date with the latest news from the world of SSL and online security.