The Latest in IT Security

DNS record will help prevent unauthorized SSL certificates

12
Apr
2017
DNS record will help prevent unauthorized SSL certificates

dns-record-will-help-prevent-unauthorized-ssl-certificates

In a few months, publicly trusted certificate authorities will have to start honoring a special Domain Name System (DNS) record that allows domain owners to specify who is allowed to issue SSL certificates for their domains.

The Certification Authority Authorization (CAA) DNS record became a standard in 2013 but didn’t have much of a real-world impact because certificate authorities (CAs) were under no obligation to conform to them.

The record allows a domain owner to list the CAs that are allowed to issue SSL/TLS certificates for that domain. The reason for this is to limit cases of unauthorized certificate issuance, which can be accidental or intentional, if a CA is compromised or has a rogue employee.

Read More

Leave a reply


Categories

TUESDAY, DECEMBER 18, 2018
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks