The IESG has received a request from the Limited Additional Mechanisms for PKIX and SMIME WG (lamps) to consider the following document: - 'DNS Certification Authority Authorization (CAA) Resource Record' <draft-ietf-lamps-rfc6844bis-05.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the [email protected] mailing lists by 2019-05-08. Exceptionally, comments may be sent to [email protected] instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain name. CAA Resource Records allow a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue. This document defines the syntax of the CAA record and rules for processing CAA records by certificate issuers. This document obsoletes RFC 6844. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc6844bis/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc6844bis/ballot/ No IPR declarations have been submitted directly on this I-D.
