20250117 - DCV email - WHOIS query definitively abandoned
We told you about it a few weeks ago, the deprecation of WHOIS query has finally been voted by the CA/B Forum.
The consequences
This vote has 2 objectives:
- prohibit the use of email addresses registered in WHOIS during DCV validation
- prohibit the reuse of domain validation if the latter was based on a DCV email that used a WHOIS email address
The authorities' calendar
Each authority has set up its own calendar to comply with the new recommendations of the CA/B Forum.
Please note: There are several ways to consult WHOIS information to collect data:
- automatically via the WHOIS protocol
- manually via a WHOIS web search when the first method does not yield anything
Here is the calendar indicating the deadlines for each authority and each type of consultation:
| Sectigo | DigiCert | GlobalSign*** | |
|---|---|---|---|
| End of manual searches | -* | 2025-01-08 | 2025-01-15 |
| Expiration of DCV validations carried out on the basis of manual searches | -* | 2025-01-08 | - |
| End of searches via the WHOIS protocol for the tld .nl | 2025-01-15 | 2025-05-08 | - |
| End of searches via the WHOIS protocol | 2025-06-14 | 2025-05-08 | 2025-07-15 |
| Expiration of DCV validations based on the WHOIS protocol | -** | 2025-07-08 | - |
* Sectigo has stopped using manual search since 2021.
** DCV pre-validation does not exist at Sectigo. The DCV challenge must be re-validated for each new request (new order, renewal or reissuance).
*** We do not have a calendar for GlobalSign, so we indicate here the dates planned by the CA/B Forum.
Useful Links
Last edited on 01/17/2025 15:42:37 --- [search]