A Call to Reconsider Certification Authority Authorization (CAA)
Main:6 Pages
4 Figures
Bibliography:2 Pages
1 Tables
Appendix:1 Pages
Abstract
Certification Authority Authentication (CAA) is a safeguard against illegitimate certificate issuance. We show how shortcomings in CAA concepts and operational aspects undermine its effectiveness in preventing certificate misissuance. Our discussion reveals pitfalls and highlights best practices when designing security protocols based on DNS.
View on arXivComments on this paper