{"draft":"draft-ietf-pkix-caa-15","doc_id":"RFC6844","title":"DNS Certification Authority Authorization (CAA) Resource Record","authors":["P. Hallam-Baker","R. Stradling"],"format":["ASCII","HTML"],"page_count":"18","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Public-Key Infrastructure (X.509)","abstract":"The Certification Authority Authorization (CAA) DNS Resource Record\r\nallows a DNS domain name holder to specify one or more Certification\r\nAuthorities (CAs) authorized to issue certificates for that domain.\r\nCAA Resource Records allow a public Certification Authority to\r\nimplement additional controls to reduce the risk of unintended\r\ncertificate mis-issue.  This document defines the syntax of the CAA\r\nrecord and rules for processing CAA records by certificate issuers.\r\n[STANDARDS-TRACK]","pub_date":"January 2013","keywords":["[--------]","DNS","DNSSEC","PKIX"],"obsoletes":[],"obsoleted_by":["RFC8659"],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6844","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6844"}