jspωiki
Domain Authorization Document

Overview#

Domain Authorization Document is defined by the Certification Authority Browser Forum for Confirming the Applicant's control over the requested FQDN by relying upon the attestation to the Registration Authority of the Applicant to request a Certificate contained in a Domain Authorization Document.

Domain Authorization Document is part of the Certificate Request Process

The Domain Authorization Document MUST substantiate that the communication came from the Domain Contact. The CA MUST verify that the Domain Authorization Document was either:

  • (i) dated on or after the date of the domain validation request or
  • (ii) that the WHOIS data has not materially changed since a previously provided Domain Authorization Document for the Domain Name Space.

3.2.2.4.6 Agreedā€Upon Change to Website#

Confirming the Applicant's control over the requested FQDN by confirming one of the following under the "/.well-known/Pki-validation" directory, or another path registered with IANA for the purpose of Domain Validation, on the Authorization Domain Name that is accessible by the CA via HTTP/HTTPS over an Authorized Port:
  • The presence of Required Website Content contained in the content of a file or on a web page in the form of a meta tag. The entire Required Website Content MUST NOT appear in the request used to retrieve the file or web page, or
  • The presence of the Request Token or Request Value contained in the content of a file or on a webpage in the form of a meta tag where the Request Token or Random Value MUST NOT appear in the request.

Domain Authorization Document is an Identity Document that is used during Identity Proofing

More Information#

There might be more information for this subject on one of the following: