@__agwa Congratulations on charging more™ for @SSLMate! I just used https://sslmate.com/caa and I'm so happy to pay you now! The CA metadata work is amazing, too!
There's no CT-like system for DNS. Since Cert Spotter is a CT monitor, it shouldn't rely on a system that has weaker security guarantees than CT.
-
-
And having it explicitly "Import CAA policy from DNS" with a second step for the user to confirm the read data? From the certs in Cert Spotter you should be able to know which DNS records to ask for.
-
It will be sort of like that, except the importing will be continuous (since CAA records can change over time) and the user will be informed over email when there's a change.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.