Looking at the latest draft for acme-client, I noticed that it mentions CAA: CAA helps as anyone verifying a certificate used for code signing can verify that the CA used has been authorized to issue certificates for that organization.
However, in the CAA RFC it states: Relying Applications MUST NOT use CAA records as part of certificate validation. I propose removing the statement in acme-client about CAA that is quoted above. -carl mehner _______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
