On 26/09/17 00:03, Andrew wrote:
> is that the reports should only be sent in a situation where a
> certificate _would_ have been issued if not for the CAA records.
I'd say that's right. I'd think that by far the more common use case
would be internal policy enforcement at a company rather than
Has there been any serious discussion of the potential benefit of CAA reporting
for certificate issuance attempts?
I'm aware of what the spec says and the SHOULD language, etc...
I'm not a CA and don't represent one.
I do, however, think that it's easier to get buy-in for changes to CA
Hi,
I was wondering how a CAA reporting endpoint should react and wanted to
test it. However none of the CAs I tested seems to support reporting
yet.
Is anyone aware of a CA that does CAA reporting? (either via mail or
https or both.)
If no reporting on a live CA is in place is at least anyone
3 matches
Mail list logo