On 03/05/17 21:31, Han Yuwei wrote:
> A question:How would a domain holder express denial for certain certificate 
> requests?

Please can you post new questions as new threads rather than as replies
to existing threads on another topic?

The answer to your question is that they can define which CAs they allow
using CAA (RFC 6844) but there is no mechanism yet for them to deny e.g.
requests for a DV cert.

dev-security-policy mailing list

Reply via email to