TL;DR: This document defines the syntax of the CAA record and rules for processing CAA records by certificate issuers.
Abstract: The Certification Authority Authorization (CAA) DNS Resource Record
allows a DNS domain name holder to specify one or more Certification
Authorities (CAs) authorized to issue certificates for that domain.
CAA Resource Records allow a public Certification Authority to
implement additional controls to reduce the risk of unintended
certificate mis-issue. This document defines the syntax of the CAA
record and rules for processing CAA records by certificate issuers.
[STANDARDS-TRACK]

TL;DR: This document describes version 2.0 of the Certificate Transparency protocol for publicly logging the existence of Transport Layer Security (TLS) server certificates as they are issued or observed, in a manner that allows anyone to audit certification authority activity and notice the issuance of suspect certificates as well as to audit the certificate logs themselves.
Abstract: This document describes version 2.0 of the Certificate Transparency
(CT) protocol for publicly logging the existence of Transport Layer
Security (TLS) server certificates as they are issued or observed, in
a manner that allows anyone to audit certification authority (CA)
activity and notice the issuance of suspect certificates as well as to
audit the certificate logs themselves. The intent is that eventually
clients would refuse to honor certificates that do not appear in a
log, effectively forcing CAs to add all issued certificates to the
logs. This document obsoletes RFC 6962. It also specifies a new TLS
extension that is used to send various CT log artifacts. Logs are
network services that implement the protocol operations for
submissions and queries that are defined in this document.