Certificate Authority Authorization (CAA) DNS records


The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify the Certification Authorities (CAs) authorized to issue certificates for that domain. Publication of CAA Resource Records allows a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue.

The CAA DNS record format looks like CAA <flags> <tag> <value>
where
flags is a number between 0 and 255
tag is one of issue, issuewild or iodef
value contains the specific domain data for the selected tag





Similar topics

Knowledge base

Howtos

Glossary

Frequently asked questions
Search:

How would you rate the quality of this content?

12345
Poor  Outstanding

Tell us why you rated the content this way.


Current rating: 2.00


12345