On 27/02/17 21:23, Ryan Sleevi via Public wrote: > 1. As discussed on Twitter with Gerv and Jacob, there's no easy or > unambiguous way to automate this lookup. Relatedly, I am a fan > of Ryan's suggestion on making the CPS be machine-readable so > these CAA values can be extracted by code rather than humans.
I wonder whether making all CPSes machine-readable is a bit of overkill. I've been pondering the need for a central registry of security contact information for CAs. Perhaps that could also have a column for the domain names that CA recognises as permitting it to issue when present in a CAA record. It shouldn't be too hard to make this list human-readable. We will seek this information for each CA in our program using our next CA Communication. Gerv _______________________________________________ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public