[cabfpub] Continuing the discussion on CAA

Gervase Markham gerv at mozilla.org
Mon Oct 24 15:43:16 UTC 2016

On 24/10/16 16:40, Jeremy Rowley via Public wrote:
> Has there been an issuance to a third party that CAA would have prevented?
> Since there's no way to ensure compliance with a hard-fail CAA requirement,
> will CAA do anything useful? We don't mind CAA as a validation check, but
> I'm curious if anyone knows of an issued cert that would have been rejected
> if CAA were fully implemented.

https://github.com/letsencrypt/boulder/issues/1231 :-)


More information about the Public mailing list