On 24/10/16 16:39, Eric Mill wrote: > Would this _only_ apply to CAs which also control DNS? I don't think > that addresses the scenario that Eneli described, where a DNS provider > or ISP is persuaded (or fooled) by an external CA into adding a CAA > record on their system for their customers.
No, my drafting was intended to apply to all CAs. Gerv _______________________________________________ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public