On 16.01.2018 17:59, Ilari Liusvaara wrote: > I earlier had idea of Public Key Pinning with CAA records. It > would be much safer than HPKP (because if keys get lost, they > can be rather quickly changed) and could actually help against the > issue (as CAA is proactive, not reactive like CT). I should post a > draft about it... This actually already exists, check out: https://tools.ietf.org/html/draft-ietf-acme-caa-03
-- Joona Hoikkala
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
