Oops, I missed item 1, disregard :)
On Fri, May 18, 2018, at 13:45, Jonathan Rudenberg via dev-security-policy wrote: > On Fri, May 18, 2018, at 13:00, josh--- via dev-security-policy wrote: > > 2. Performing a scan of current CAA records for the domain names we have > > issued for in the past 90 days, specifically looking for tags in CAA > > records with non-lowercase characters. We’ll examine such instances on a > > case-by-case basis to determine the appropriate action. > > Do you log the full CAA record set (if any) for each authorized domain? > If so, can you use those instead of the "current" records to find > potentially unauthorized issuance? > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
