Bruce:
You are correct, if the WHOIS records do not match then the process is
stopped. In the case of a private domain registration as per your
Domains by Proxy example, we would confirm via another method such as
1) through the registar (Domains by Proxy provides this service), 2)
have domain information made public, 3)communication with the
registrant through the registrar.
Business ID is generally performed through third party database look-
ups. Individual ID is accepted by fax.
Authorization is confirmed by calling an authorizing contact at the
business that has registered the domain. This is an additional contact
to the certificate requester.
Excellent Bruce, I think those were the missing links I was looking for.
Just to make sure, in case no authorized contact is published at the
WHOIS records or registrar (perhaps when only the company name is
published) I guess that you'll request confirmation of the owners or CEO
or other reasonable contact of the company in order to confirm
authorization of the subscriber. Is there such a procedure?
If positive I think this satisfies my questions in full. There might be
another issue, which I'll discuss first with Frank before turning to you
for any further help. Thanks for your cooperation!
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
