UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 6844

DNS Certification Authority Authorization (CAA) Resource Record

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 January 2013
Status: active
Page Count: 17
scope:

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain. CAA Resource Records allow a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue. This document defines the syntax of the CAA record and rules for processing CAA records by certificate issuers.

Document History

IETF RFC 6844
January 1, 2013
DNS Certification Authority Authorization (CAA) Resource Record
The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that...

References

This document references:
RFC 1035 - Domain Names - Implementation and Specification
Published by IETF on November 1, 1987
A description is not available for this item.
This document is referenced by:
IETF RFC 7633 - X.509v3 Transport Layer Security (TLS) Feature Extension
Published by IETF on October 1, 2015
The purpose of the TLS feature extension is to prevent downgrade attacks that are not otherwise prevented by the TLS protocol. In particular, the TLS feature extension may be used to mandate support...
This document is referenced by:
IETF RFC 8555 - Automatic Certificate Management Environment (ACME)
Published by IETF on March 1, 2019
Public Key Infrastructure using X.509 (PKIX) certificates are used for a number of purposes, the most significant of which is the authentication of domain names. Thus, certification authorities (CAs)...
This document is superseded by:
IETF RFC 8659 - DNS Certification Authority Authorization (CAA) Resource Record
Published by IETF on November 1, 2019
Abstract The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates...
This document is superseded by:
IETF RFC 8659 - DNS Certification Authority Authorization (CAA) Resource Record
Published by IETF on November 1, 2019
Abstract The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates...
View Less
View All
Advertisement