Hello,
We’re implementing a CAA pre-check as part of our application’s pre-order verification process.
Given a CAA verification for www.example.com
. Assume that www.example.com/CAA
fails SERVFAIL, but example.com
returns NOERROR.
From my reading of CAB 1.6.6, it appears that, in this situation, a CA would ignore the SERVFAIL, and apply example.com
’s CAA authorization value to www.example.com
?
Thank you for your time!