[cabfpub] Draft CAA motion (3)

Gervase Markham gerv at mozilla.org
Fri Jan 13 15:23:03 UTC 2017

On 13/01/17 14:55, Doug Beattie wrote:
> I'd suggest we include exactly what is required in the ballot and if
> the RFC changes then we have a new ballot to specify the changes and
> effective dates.

Well, it's not the RFC that would change - if it was, that would be
simpler :-) It's the extension registries.

Text proposals welcome.

> I'm highlighting the fact RFCs are not always clear in that they
> require and how they relate to the BRs and we should clearly state
> the requirements in the BRs.  In the BRs we don’t discuss DNAME
> records, but CAA does support them, so is that an issue?  I don’t
> know, just asking.

I don't think it's an issue; follow the RFC.

> There is an example in section 4 for processing that has a "will" (
> not a WILL) - is this how CAs MUST process CAA records?

That's an example, which (I assume) is why it doesn't use normative

> Section 6.5 talks about abuse of the Critical Flag - are we OK with
> mandating that CAs respect the Critical flag?

Yes. If CAs find abuse of the critical flag, this would be documented as
an issuance problem, and the CAB Forum could then take action.


More information about the Public mailing list