You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jan 23, 2024. It is now read-only.
A DNS CAA (certificate authorization authority) record allows domain owners to restrict TLS cert issuance to specific Certificate Authorities (Why DNS CAA is important - link). This is useful because Certificate Authorities might wilfully mis-issue certificates to parties which have not demonstrated ownership of the domain, which can then let that party use the certificate to mislead other people into thinking they are the real website. This can then lead to man-in-the-middle attacks. However, DNS CAA is still under the Proposed Standard status so there is no hurry in implementing this.
A DNS CAA (certificate authorization authority) record allows domain owners to restrict TLS cert issuance to specific Certificate Authorities (Why DNS CAA is important - link). This is useful because Certificate Authorities might wilfully mis-issue certificates to parties which have not demonstrated ownership of the domain, which can then let that party use the certificate to mislead other people into thinking they are the real website. This can then lead to man-in-the-middle attacks. However, DNS CAA is still under the
Proposed Standardstatus so there is no hurry in implementing this.