Subject: Policy-Discussion
List archive
- From: Karl-Heinz Gödderz <CAcert AT GuKK-Online.de>
- To: cacert-policy <cacert-policy AT lists.cacert.org>
- Subject: implementing testing of new CAA-record in DNS according RFC6844
- Date: Mon, 19 Mar 2018 17:25:49 +0100
Dear policy-group members,
we were informed that
> since september, 8th, 2017 CAs must check DNS' CAA records. This
> decision was taken in spring 2017 by CA/Browser forum which CAcert is
> member of.
>
> I can't see that this is already implemented in CAcert's signing
> software, therefore I would like to ask you to take care of.
does anyone from this group know if we have to change one of our
policies to be allowed to implement this imperative?
I couldn't find any in CPS. Which more policies do apply?
Greetings
Karl-Heinz
* more information https://tools.ietf.org/html/rfc6844
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- implementing testing of new CAA-record in DNS according RFC6844, Karl-Heinz Gödderz, 03/19/2018
- Re: implementing testing of new CAA-record in DNS according RFC6844, Eva Stöwe, 03/19/2018
- Re: implementing testing of new CAA-record in DNS according RFC6844, Bernhard Fröhlich, 03/20/2018
Archive powered by MHonArc 2.6.18.