论文信息 - DNS Certification Authority Authorization (CAA) Resource Record

DNS Certification Authority Authorization (CAA) Resource Record

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain. CAA Resource Records allow a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue. This document defines the syntax of the CAA record and rules for processing CAA records by certificate issuers. [STANDARDS-TRACK]

Phillip M. Hallam-Baker | Rob Stradling | P. Hallam-Baker | R. Stradling

[1] Yuri Demchenko,et al. The Incident Object Description Exchange Format , 2007, RFC.

[2] Paul V. Mockapetris,et al. Domain names: Concepts and facilities , 1983, RFC.

[3] Warwick Ford,et al. Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework , 1999, RFC.

[4] Donald E. Eastlake. Domain Name System (DNS) IANA Considerations , 2011, RFC.

[5] Ben Laurie,et al. DNS Security (DNSSEC) Hashed Authenticated Denial of Existence , 2008, RFC.

[6] Randy Bush,et al. Clarifications to the DNS Specification , 1997, RFC.

[7] Scott Rose,et al. Resource Records for the DNS Security Extensions , 2005, RFC.

[8] Brian Trammell,et al. Internet Engineering Task Force (ietf) Transport of Real-time Inter-network Defense (rid) Messages over Http/tls , 2022 .

[9] Thomas Narten,et al. Guidelines for Writing an IANA Considerations Section in RFCs , 1998, RFC.

[10] Scott Rose,et al. Protocol Modifications for the DNS Security Extensions , 2005, RFC.

[11] David Cooper,et al. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2008, RFC.

[12] Scott Rose,et al. DNS Security Introduction and Requirements , 2005, RFC.

[13] Scott O. Bradner,et al. Key words for use in RFCs to Indicate Requirement Levels , 1997, RFC.

[14] Paul V. Mockapetris,et al. Domain names - implementation and specification , 1987, RFC.