On 18/12/17 13:18, Cristian Garabet via Public wrote: > According to BR 3.2.2.8. CAA Records the CA " MUST check for CAA > records and follow the processing instructions found, for each > dNSName in the subjectAltName extension of the certificate to be > issued, as specified in RFC 6844 as amended by Errata 5065 (Appendix > A)". Does the CAA records requirement also apply to S/MIME > certificates? Or is it planned to?
S/MIME certificates use rfc822Name, not dnsName, so no, it doesn't. Gerv _______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
