UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 8659

DNS Certification Authority Authorization (CAA) Resource Record

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 November 2019
Status: active
Page Count: 17
scope:

Abstract

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain name. CAA Resource Records allow a public CA to implement additional controls to reduce the risk of unintended certificate mis-issue. This document defines the syntax of the CAA record and rules for processing CAA records by CAs.

This document obsoletes RFC 6844.

Document History

IETF RFC 8659
November 1, 2019
DNS Certification Authority Authorization (CAA) Resource Record
Abstract The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates...

References

This document references:
RFC 1034 - Domain Names - Concepts and Facilities
Published by IETF on November 1, 1987
A description is not available for this item.
This document references:
RFC 1035 - Domain Names - Implementation and Specification
Published by IETF on November 1, 1987
A description is not available for this item.
This document is referenced by:
IETF RFC 8657 - Certification Authority Authorization (CAA) Record Extensions for Account URI and Automatic Certificate Management Environment (ACME) Method Binding
Published by IETF on November 1, 2019
Abstract The Certification Authority Authorization (CAA) DNS record allows a domain to communicate an issuance policy to Certification Authorities (CAs) but only allows a domain to define a policy...
This document is referenced by:
RFC 9115 - An Automatic Certificate Management Environment (ACME) Profile for Generating Delegated Certificates
Published by IETF on September 1, 2021
Abstract This document defines a profile of the Automatic Certificate Management Environment (ACME) protocol by which the holder of an identifier (e.g., a domain name) can allow a third party to...
View Less
View All
Advertisement