PKI Consortium blog
Posts by tag CAA
What is Certification Authority Authorization?
September 25, 2013 by Rick Andrews CAA IETF Policy SSL/TLS
DNS Certification Authority Authorization (CAA), defined in IETF draft RFC 6844, is designed to allow a DNS domain name holder (a website owner) to specify the certificate signing certificate(s) authorized to issue certificates for that domain or website. Usually, the certificate signing certificate will belong to the Certification Authority (CA) that issues SSL certificates to you. It’s a way for you to indicate which CA or CAs you want to issue certificates for your domains.