[cabfpub] Draft CAA motion (2)

Gervase Markham gerv at mozilla.org
Fri Nov 11 11:19:43 UTC 2016


On 10/11/16 18:29, Steve Medin wrote:
> Well, that depends on the validity of a contract from the customer that 
> absolves the CA from the requirement to check CAA within their service.

The failure case I was thinking of is if a domain they shouldn't
actually get certs for ends up on their whitelist. You'd have to be
pretty confident that could never, ever happen.

Gerv



More information about the Public mailing list