RFC 6844

DNS Certification Authority Authorization (CAA) Resource Record, January 2013

Canonical URL:
https://www.rfc-editor.org/rfc/rfc6844.txt
File formats:
Plain TextPDF
Status:
PROPOSED STANDARD
Authors:
P. Hallam-Baker
R. Stradling
Stream:
IETF
Source:
pkix (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC6844

Discuss this RFC: Send questions or comments to pkix@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain. CAA Resource Records allow a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue. This document defines the syntax of the CAA record and rules for processing CAA records by certificate issuers. [STANDARDS-TRACK]


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×