If your DNS server doesn't support CAA, you might be able to use it anyways by encoding it in hex per RFC3597. My CAA tool makes this easy.
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
would be nice to see the top 10 CAs not just those and maybe drag and drop for another CA?
-
Goal is to list all CAs that support CAA. These are the ones I've found so far. Gotta read more CPSes :-)
-
I get that but your issuer supporting CAA isnt the part you care about, it is everyone else.
-
Thanks! I see what you mean now. I'm cooking up some ideas for how to convey this.
-
it's uninspired but you could use this approach http://sarink.github.io/react-file-drop/demo/ … and rely on PKIjs to make sure its a ca cert
-
Don't think I understand this. Why would people be uploading files?
-
was suggesting letting them drag in ca certs
-
Ah, and then tell them whether the CA supports CAA? Think I'd rather parse the root stores and let them select from list.
- 2 more replies
New conversation -
-
-
You can grey out "wildcard" for Let's Encrypt.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.