Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6048

Add CAA parameter handling to validator

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:

      Description

      From https://tools.ietf.org/html/rfc6844:

         A certificate issuer MAY specify additional parameters that allow
         customers to specify additional parameters governing certificate
         issuance.  This might be the Certificate Policy under which the
         certificate is to be issued, the authentication process to be used
         might be specified, or an account number specified by the CA to
         enable these parameters to be retrieved.
      
         For example, the CA 'ca.example.net' has requested its customer
         'example.com' to specify the CA's account number '230123' in each of
         the customer's CAA records.
      
         $ORIGIN example.com
         .       CAA 0 issue "ca.example.net; account=230123"
      

      In the current implementation parameters are handled but otherwise ignored. It could be that customers may want to be able to run validation checks on the parameters listed.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              mikek Mike Agrenius Kushner
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: