Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6048

Add CAA parameter handling to validator

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:

      Description

      From https://tools.ietf.org/html/rfc6844:

         A certificate issuer MAY specify additional parameters that allow
         customers to specify additional parameters governing certificate
         issuance.  This might be the Certificate Policy under which the
         certificate is to be issued, the authentication process to be used
         might be specified, or an account number specified by the CA to
         enable these parameters to be retrieved.
      
         For example, the CA 'ca.example.net' has requested its customer
         'example.com' to specify the CA's account number '230123' in each of
         the customer's CAA records.
      
         $ORIGIN example.com
         .       CAA 0 issue "ca.example.net; account=230123"
      

      In the current implementation parameters are handled but otherwise ignored. It could be that customers may want to be able to run validation checks on the parameters listed.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            mikek Mike Agrenius Kushner
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: