Domain approval and domain control validation
Date: 19 September 2011
Original URL: http://www.auscert.org.au/render.html?cid=11262&it=14860
Domain approval and Domain Control Validation (DCV)
Before a participant organisation may request/order certificates from the CSM, it must add the associated :
which are to appear in the certificate to the Certificate Service Management (CSM) system, for approval by AusCERT. For non-internal domains, and public IP addresses, AusCERT must verify that each FQDN, or public IP address, belongs to the organisation before approving the addition of the domain in the CSM. This applies for all (SSL, code signing and S/MIME) certificate types.
This process does not apply to non-FQDNs that are for internal hosting purposes only. For more information about certificate requirements for non-FQDNs, refer to the FAQ.
Process for submitting a domain registered to your organisation for verification:
Domain Control Validation (DCV)
The CAB Forum standards (section 11.1.1) requires that Comodo and other CAs perform domain control validation (DCV) to verify domain ownership by POs. DCV procedures have been simplified by being built into the AusCERT CS Certificate Service Manager. To read more about using DCV within the CSM, see the following guide:
Note that public IP addresses are subject to manual verfication by Comodo.
Extended Validation SSL (EVSSL) certificates
EVSSL certificates have additional ("extended") validation steps, beyond those conducted by AusCERT for domain addition. POs can obtain EV SSL certificates for single and multiple domains, at extra cost, through the Certificate Service Manager. Contact AusCERT CS to enable this to occur. For further details about how to acquire an EVSSL Certificate through Comodo, see the FAQ.
Delays in issuing certificates
AusCERT will endeavour to approve domains within 2 hours. Feel free to send an email or ring if it is urgent so we may expedite it.
Certificates can't be issued for any domains that have not undergone Comodo's Domain Control Validation Process, and have the DCV status of "approved".
Therefore, to expedite a certificate request make sure you specify and follow the steps necessary to complete DCV. Details of the process are above.