This project is not maintained anymore. You can still view and search the archives.

CAA checking becomes mandatory for SSL/TLS certificates

Hi, I’m Anselm Hannemann, a freelance Frontend Developer and Engineering Manager. You can hire me. I wrote WDRL for 10 years and have a a Market Garden as a side-business.

This link appeared in WDRL 178 on 14.04.2017.

CAA checking becomes mandatory for SSL/TLS certificates

There’s a new DNS resource record: CAA. The Certificate Authority Authorization Record lets you specify which certificate authority is allowed to issue a certificate for your domain. From September 2017 on, CAs are required to check against these records, so you should consider adding that record to your DNS records as soon as possible.