Ballot 78 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline Requirements

Server Certificate Working Group

Key dates

Effective date: 15 Jun 2012 14 years ago
Voting opened: 15 Jun 2012 14 years ago
Voting closed: 22 Jun 2012 14 years ago
Discussion opened: 07 Jun 2012 14 years ago
Discussion closed: 15 Jun 2012 14 years ago

AI Summary

Generated 2026-06-23 21:36 UTC

Ballot overview

Ballot 78 updates the Baseline Requirements for domain and IP validation, high risk requests, and data source rules.
The ballot page states it passed unanimously.
The motion says the changes are effective immediately.

What the ballot changes

Replaces the definition of Domain Authorization with Domain Authorization Document.
Adds definitions for High Risk Certificate Request and Reliable Data Source.
Replaces Section 11.1 to expand how a CA may confirm control of a domain name, including registrar confirmation, direct communication, WHOIS-based communication, admin email methods, a Domain Authorization Document, practical control via a web page change, or another documented method with equivalent assurance.
Replaces Section 11.1.1 to require that a Domain Authorization Document come from the Domain Name Registrant or Domain Name Registrar listed in WHOIS, and that it be dated on or after the certificate request date or used for a previously issued certificate with unchanged WHOIS since that issuance.
Replaces Section 11.1.2 to define acceptable methods for confirming control over an IP address, including practical control, IANA or RIR documentation, reverse-IP lookup followed by domain validation, or another documented method with equivalent assurance.
Replaces Section 11.3 to limit use of Section 11 documents and data to sources obtained no more than 39 months before issuing the certificate.
Replaces Section 11.5 to require documented procedures for identifying and applying additional verification to High Risk Certificate Requests before approval.
Replaces Section 11.6 to require evaluation of a data source’s reliability, accuracy, and resistance to alteration or falsification before using it as a Reliable Data Source.
Replaces Section 14.2.1 to allow delegation of Section 11 functions to a Delegated Third Party, subject to contractual, training, retention, logging, and assurance requirements.
Replaces Sections 11.2.1, 11.2.2, and 11.2.4 to update identity, DBA/tradename, and individual applicant verification requirements.

Timing and applicability

The ballot review period starts at 21:00 UTC on 7 June 2012 and closes at 21:00 UTC on 15 June 2012.
The voting period starts immediately after the review period and closes at 21:00 UTC on 22 June 2012.
The motion text says the changes are effective immediately.

Model: gpt-5.4-mini Confidence: 0.98 Result: passed

Effective date: 2012-06-15
Voting opened: 2012-06-15
Voting closed: 2012-06-22
Discussion opened: 2012-06-07
Discussion closed: 2012-06-15

Applicability and conditions

2012-06-15 — CAs must implement the ballot changes by this date All Baseline Requirements changes in the motion; the motion states the changes are effective immediately

AI-generated from the CABF ballot page. The official CABF article remains the authoritative source.

Excerpt

SearchHome » All CA/Browser Forum Posts » Ballot 78 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline RequirementsBallot 78 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline RequirementsBallot 78 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline Requirements (Passed Unanimously)

View on cabforum.org → Last fetched 16 hours ago