Back DNS Certification Authority Authorization German Autorización de la Autoridad de Certificación Spanish DNS Certification Authority Authorization French DNS Certification Authority Authorization ID DNS Certification Authority Authorization Japanese DNS Certification Authority Authorization Korean DNS Certification Authority Authorization Malay DNS证书颁发机构授权 Chinese
| Abbreviation | CAA |
|---|---|
| Status | Proposed Standard |
| First published | October 18, 2010 |
| Latest version | RFC 8659 November 2019 |
| Organization | IETF |
| Authors |
|
DNS Certification Authority Authorization (CAA) is an Internet security policy mechanism that allows domain name holders to indicate to certificate authorities whether they are authorized to issue digital certificates for a particular domain name. It does this by means of a "CAA" Domain Name System (DNS) resource record.
It was drafted by computer scientists Phillip Hallam-Baker and Rob Stradling in response to increasing concerns about the security of publicly trusted certificate authorities. It is an Internet Engineering Task Force (IETF) proposed standard.