Conversation
There was a problem hiding this comment.
Pull request overview
Updates the library’s public documentation/Javadocs to reflect the currently supported DCV methods, adding BR 3.2.2.4.13 (Email to DNS CAA Contact) and marking BR 3.2.2.4.2 (WHOIS-based) as deprecated/unsupported.
Changes:
- Update Javadocs to include BR 3.2.2.4.13 as supported (and remove/avoid implying BR 3.2.2.4.2 support).
- Update
DomainValidationEvidenceJavadoc to reflect the set of email-based methods that populateemailAddress. - Update README/README-details supported-methods documentation to add BR 3.2.2.4.13 and deprecate BR 3.2.2.4.2.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| library/src/main/java/com/digicert/validation/enums/DcvMethod.java | Updates method support listing in enum Javadoc to include BR 3.2.2.4.13 as supported. |
| library/src/main/java/com/digicert/validation/common/DomainValidationEvidence.java | Updates Javadoc for emailAddress population to include BR 3.2.2.4.13 and remove BR 3.2.2.4.2. |
| library/src/main/java/com/digicert/validation/DcvManager.java | Updates EmailValidator Javadoc: removes BR 3.2.2.4.2 from “Handles” and adds deprecation note plus BR 3.2.2.4.13. |
| README.md | Deprecates BR 3.2.2.4.2 in Supported Methods and adds a new section for BR 3.2.2.4.13. |
| README-details.md | Updates the email validation section heading to include BR 3.2.2.4.13. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
|
|
||
| ### [Email to DNS CAA Contact](https://github.com/cabforum/servercert/blob/main/docs/BR.md#322413-email-to-dns-caa-contact) | ||
| * The prepare step obtains the email address of the DNS CAA contact (`contactemail` in CAA records), using the RFC 8659 Section 3 CAA search algorithm. |
There was a problem hiding this comment.
The README claims the CAA contact email lookup uses the RFC 8659 Section 3 CAA search algorithm. In the current implementation, the library delegates CAA DNS retrieval to the configured MpicClientInterface (default is a noop) and the in-repo providers just request CAA records for the exact domain and filter contactemail. Unless the library itself guarantees RFC 8659-style CAA processing, this statement is misleading—please either remove the RFC 8659 claim or reword it to clarify it depends on the MPIC/DNS client implementation.
| * The prepare step obtains the email address of the DNS CAA contact (`contactemail` in CAA records), using the RFC 8659 Section 3 CAA search algorithm. | |
| * The prepare step attempts to obtain the email address of the DNS CAA contact (`contactemail` in CAA records) via the configured MPIC/DNS client. Whether the RFC 8659 Section 3 CAA search algorithm is applied depends on that client’s implementation; this library itself does not enforce or implement the full RFC 8659 search behavior. |
Summary
Updates open-source documentation and Javadocs to accurately reflect the current set of supported DCV methods:
Adds BR 3.2.2.4.13 (Email to DNS CAA Contact) as a supported method across all documentation.
Marks BR 3.2.2.4.2 (Email, Fax, SMS, or Postal Mail to Domain Contact) as deprecated and not supported by this library.