Priority on RFC8657 ACME CAA Restrictions?

Hi All,

In one of the Issuance Policy Threads earlier this summer, it was discussed that there are no longer any CAB Forum or RFC ambiguity issues holding up the implementation of the validationmethods or accounturi CAA Constraints outlined in RFC8657 for the L.E. Production environment.

I know that you have this running in the Staging environment already. After things calm down from the root cert expiration, where do you see this falling in the priority hierarchy? Having that extra security around limiting the accounturi and validationmethods allowed to be used in the certificate request and issuance processes for our domains would be reassuring. Any rough target dates yet?


I'm afraid that thread is still our most recent update, but we're eager to enable this feature; we definitely haven't forgotten.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.