← Google Trust Services LLC cases
Bugzilla #1873739
Technical Compliance
Google Trust Services: uses "DNSSec-mostly" and DTPs for DNS resolution
RESOLVED
INVALID
Google Trust Services LLC
AI Summary
This case discusses Google Trust Services' (GTS) use of Google Public DNS and Cloudflare for DNS resolution in the context of domain validation. Concerns were raised regarding whether GTS's reliance on these services constituted the use of Delegated Third Parties (DTPs) as defined by the CA/Browser Forum's Baseline Requirements. GTS clarified that it operates its own DNSSEC validator and does not consider Google Public DNS as a DTP since its usage is within the scope of its WebTrust audit. The case was ultimately resolved as invalid, with the conclusion that GTS's practices comply with the necessary requirements.
Chronology
- Case created
- Case resolved as invalid
Participants
Lukas Tribus
Google Trust Services
Chris Clements
Andrew
TJ Tncks
Matthias
Daknob
External References
Similar Local Cases
Google Trust Services: CRL validity period set to expected value plus one second
Google Trust Services: digitalSignature KeyUsage not set
Sectigo: Reseller ZeroSSL and Private Key Generation
Google Trust Services: OCSP responses not published in a timely manner
Amazon Trust Services: Missing CAA Check For Test Website Certificates
E-Tugra: Forbidden Domain Validation Method 3.2.2.4.6
GoDaddy: DV certificates with organizationalUnit field in subject
GlobalSign: Cross Certificate with non-conforming CABF Policy OIDs