[cabfpub] CAA records for S/MIME certificates?
gerv at mozilla.org
Mon Dec 18 13:21:01 UTC 2017
On 18/12/17 13:18, Cristian Garabet via Public wrote:
> According to BR 18.104.22.168. CAA Records the CA " MUST check for CAA
> records and follow the processing instructions found, for each
> dNSName in the subjectAltName extension of the certificate to be
> issued, as specified in RFC 6844 as amended by Errata 5065 (Appendix
> A)". Does the CAA records requirement also apply to S/MIME
> certificates? Or is it planned to?
S/MIME certificates use rfc822Name, not dnsName, so no, it doesn't.
More information about the Public