Protocol Action: 'Certification Authority Authorization (CAA) Processing for Email Addresses' to Proposed Standard (draft-ietf-lamps-caa-issuemail-07.txt)
The IESG <iesg-secretary@ietf.org> Wed, 16 August 2023 21:33 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-lamps-caa-issuemail@ietf.org, housley@vigilsec.com, lamps-chairs@ietf.org, rdd@cert.org, rfc-editor@rfc-editor.org, spasm@ietf.org
Message-ID: <169222158342.11637.15410810269380223741@ietfa.amsl.com>
Date: Wed, 16 Aug 2023 14:33:03 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/MWDpe-DiBi6X4lpRfmze8V9m3iA>

The IESG has approved the following document:
- 'Certification Authority Authorization (CAA) Processing for Email Addresses'
  (draft-ietf-lamps-caa-issuemail-07.txt) as Proposed Standard

This document is the product of the Limited Additional Mechanisms for PKIX and SMIME Working Group.

The IESG contact persons are Paul Wouters and Roman Danyliw.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-lamps-caa-issuemail/

Technical Summary

The Certification Authority Authorization (CAA) DNS resource record (RR) provides a mechanism for domains to express the allowed set of Certification Authorities (CAs) that are authorized to issue certificates for the domain. RFC 8659 contains the core CAA specification, where Property Tags that restrict the issuance of certificates which certify domain names are defined. This specification defines a Property Tag that grants authorization to CAs to issue certificates which contain the id-kp-emailProtection key purpose in the extendedKeyUsage extension and one or more rfc822Name or otherName of type id-on-SmtpUTF8Mailbox that include the domain name in the subjectAltName extension.

Working Group Summary

There was little controversy, and suggested improvements were readily accepted by the author. Individuals that participate in the CA/Browser Forum have followed the development of this specification carefully.

Document Quality

Several Certification Authorities have expressed interest in implementing this specification. The CA/Browser Forum will likely require support for this specification in their S/MIME Certificate Baseline Requirements.

Personnel

The Document Shepherd for this document is Russ Housley. The Responsible Area Director is Roman Danyliw.