Axnhost.com

WHOIS Domain Control Validation Will Phase Out Starting Jan. 8

Feature image for the article on the phased changes to the WHOIS domain control valiaiton (DCV) methods that were specified by the CA/B Forum

If you’ve used WHOIS-based validation for your SSL/TLS certificates, it’s time to change to another validation method ASAP

Changes are coming down the pike regarding WHOIS-based domain validation in the first half of 2025.

In August 2024, researchers at WatchTowr Labs discovered a vulnerability relating to use of legacy WHOIS systems for domain control validation (DCV) that industry leaders were concerned could lead to fraudulent email-based validations for SSL/TLS certificates. Although the scope of the specific vulnerability was limited, it brought up questions about the industry’s reliance on certain legacy resources for validation.

On Dec. 14, the CA/Browser Forum (CA/B Forum) adopted a phased sunset for WHOIS-based methods of domain ownership validation after several months of discussion. But what do these changes mean to you as a domain owner and to the certification authorities (CAs) you rely on?

Let’s hash it out.

The post WHOIS Domain Control Validation Will Phase Out Starting Jan. 8 appeared first on Hashed Out by The SSL Store™.

Article source: https://www.thesslstore.com/blog/whois-domain-control-validation-will-phase-out-starting-jan-8/

The SSL Store Security Specialist