Sectigo nos envía el siguiente mensaje:
Sectigo Announcement:: Upcoming removal of WHOIS-Based Domain Control!
Planned Start: November 1, 2024 12:00AM UTC
Expected End: November 1, 2024 12:00AM UTC
Affected Infrastructure
Components: Certificate Issuing Platforms
Locations: Public CA
Details:
Recent vulnerabilities in the domain name WHOIS system (https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/) have highlighted the WHOIS-based domain-validation method as a weakness in the process of validating publicly-trusted digital certificates.
As a result, a ballot has been proposed in the CA Browser Forum (CABF) requiring that WHOIS-listed email addresses are no longer acceptable for domain validation, nor can historic domain validations based on WHOIS email addresses be reused. This ballot aims to deprecate the WHOIS-based domain validation method as soon as November 1, 2024.
We are currently investigating the impact of this proposed change.
If you use WHOIS-based domain validation methods, we recommend migrating to alternative methods as soon as possible.