RFC 6844
DNS Certification Authority Authorization (CAA) Resource Record, January 2013
- File formats:
- Status:
- PROPOSED STANDARD
- Obsoleted by:
- RFC 8659
- Authors:
- P. Hallam-Baker
R. Stradling - Stream:
- IETF
- Source:
- pkix (sec)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC6844
Discuss this RFC: Send questions or comments to the mailing list pkix@ietf.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 6844
Abstract
The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain. CAA Resource Records allow a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue. This document defines the syntax of the CAA record and rules for processing CAA records by certificate issuers. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.