> so It would mean all of parameter definitions can be applied to issuewild > too, and if there is only they will be considered?
Yes, the regular CAA selection MUST be followed, or the CA might not be authorized to issue the certificate after all. The parameters can be applied to any CAA property (issue, issuewild, vmc, issuemail, etc.) as long as the ACME client supports the protocol, and the CA supports the issuance. ________________________________ From: Seo Suchan <[email protected]> Sent: Thursday, July 13, 2023 09:54 To: Paul van Brouwershaven <[email protected]>; Tim Hollebeek <[email protected]>; Tim Hollebeek <[email protected]>; Mike Ounsworth <[email protected]>; [email protected] <[email protected]> Subject: Re: [Acme] [EXTERNAL] New Version Notification for draft-vanbrouwershaven-acme-auto-discovery-00.txt so It would mean all of parameter definitions can be applied to issuewild too, and if there is only they will be considered? 2023-07-13 오후 4:47에 Paul van Brouwershaven 이(가) 쓴 글: 3.1.1. recommend clarifying the extent to which case matters. How should "TRUE" or "True" be handled? The document now specifies that this must be a lower-case Boolean 4-5. This is WAY in the weeds, and possibly should just be ignored, but there's actually no requirement that the CA is able to host content at the domain specified in the CAA tag. At a minimum, they're only required to have permission from the domain owner (RFC 8659, first paragraph, item 2, second clause). This might actually even happen due to acquisitions. In such situations, a CA might actually be unable to host content on a .well-known URL for a tag it uses. CAs could instruct the user to use a new CAA issuer-domain and they pro Any email and files/attachments transmitted with it are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
