[cabfpub] Draft CAA motion (2)
Gervase Markham
gerv at mozilla.org
Fri Nov 11 11:21:05 UTC 2016
On 10/11/16 20:28, Steve Medin wrote:
> Sorry, I’m not citing existing BR content, I’m proposing new to give
> weight to a vendor/client relationship. Add a clause to Gerv’s motion
> that recognizes that a customer can opt out of a CA checking CAA by
> contract. Require that the CA indicate this choice through presence of a
> CABF arc CP OID at EE tier, allowing programmatic checking of CAA
> violation.
Except that's not possible, because post-issuance checking of CAA is not
a good idea, according to the RFC.
Gerv
More information about the Public
mailing list