IETF Logo Mail Archive

I-D Action: draft-wicinski-lamps-caa-00.txt

internet-drafts@ietf.org Sun, 24 March 2019 10:13 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: i-d-announce@ietf.org
Delivered-To: i-d-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 61E31130E8D for <i-d-announce@ietf.org>; Sun, 24 Mar 2019 03:13:38 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action: draft-wicinski-lamps-caa-00.txt
X-Test-IDTracker: no
X-IETF-IDTracker: 6.94.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <155342241835.18094.11308949653873122804@ietfa.amsl.com>
Date: Sun, 24 Mar 2019 03:13:38 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/i-d-announce/D1x-ZcUW1gdNMXaxFCHO6Caz-gk>
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Internet Draft Announcements only <i-d-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i-d-announce/>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Mar 2019 10:13:38 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.


        Title           : Alternative DNS Certification Authority Authorization (CAA) Resource Record
        Author          : Tim Wicinski
	Filename        : draft-wicinski-lamps-caa-00.txt
	Pages           : 3
	Date            : 2019-03-24

Abstract:
   [RFC6844] defines the Certification Authority Authorization (CAA) DNS
   Resource Record type to specify one or more Certification Authorities
   (CAs) authorized to issue certificates for that domain name.  With
   large domains covering multiple web properties, defining all possible
   certificate authorities for the domain has security implications.  It
   would be beneficial to define a CAA for individual host names.  This
   will allow CAA records that can be managed with fine grain control.

   This document provides an alternative CAA record using a _caa prefix
   label that will take precedent on a per Fully Qualified Domain Name
   (FQDN), if it exists.  It will override any CAA record at the zone
   apex.  This will not change current CAA record behavior, but will be
   an additional option.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-wicinski-lamps-caa/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-wicinski-lamps-caa-00
https://datatracker.ietf.org/doc/html/draft-wicinski-lamps-caa-00


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

v2.23.0 | Report a Bug | By Email