DNS Certification Authority Authorization
| Abbreviation | CAA |
|---|---|
| Status | RFC 8659 (November 2019) |
| Organization | IETF |
| Authors | |
DNS Certification Authority Authorization (CAA) is an
It was drafted by computer scientists Phillip Hallam-Baker and Rob Stradling in response to increasing concerns about the security of publicly trusted certificate authorities. It is an Internet Engineering Task Force (IETF) proposed standard.
Background
A
The first draft of CAA was written by
In September 2017, Jacob Hoffman-Andrews submitted an Internet Draft intended to simplify the CAA standard. This was improved by the LAMPS Working Group, and approved as
As of January 2020, Qualys reports that only 6.8% of the 150,000 most popular TLS-supporting websites use CAA records.[12]
Record
Certificate authorities implementing CAA perform a
- flag: An extensible signaling system for future use. As of 2018, only the issuer critical flag has been defined; it instructs certificate authorities that they must understand the corresponding property tag before issuing a certificate.[11] This flag allows the protocol to be extended in the future with mandatory extensions,[4] similar to critical extensions in X.509 certificates.
- tag: One of the following properties:
  - issue: Authorizes the holder of the domain specified in the associated property value to issue certificates for the domain for which the property is published.
  - issuewild: Acts like issue but only authorizes the issuance of wildcard certificates, and takes precedence over the issue property for wildcard certificate requests.
  - iodef: Specifies a method for certificate authorities to report invalid certificate requests to the domain name holder using the Incident Object Description Exchange Format. As of 2018, not all certificate authorities support this tag, so there is no guarantee that all certificate issuances will be reported.
  - contactemail: Increasingly, contact information is not available in WHOIS due to concerns about potential GDPR violations. This property allows domain holders to publish contact information in DNS.[13][14]
  - contactphone: As above, for phone numbers.[15]
- value: The value associated with the chosen property tag.
The absence of any CAA records authorizes normal unrestricted issuance, and the presence of a single blank issue tag disallows all issuance.[11][9][16]
Third parties monitoring certificate authority behavior might check newly issued certificates against the domain's CAA records.
Extensions
History
A draft of the first extension to the CAA standard was published on October 26, 2016, proposing a new account-uri token to the end of the issue property, which ties a domain to a specific
Examples
To indicate that only the certificate authority identified by ca.example.net is authorized to issue certificates for example.com and all subdomains, one may use this CAA record:[11]
```
example.com. IN CAA 0 issue "ca.example.net"
```
To disallow any certificate issuance, one may allow issuance only to an empty issuer list:
```
example.com. IN CAA 0 issue ";"
```
To indicate that certificate authorities should report invalid certificate requests to an
```
example.com. IN CAA 0 iodef "mailto:[email protected]"
example.com. IN CAA 0 iodef "http://iodef.example.com/"
```
To use a future extension of the protocol (for example, one that defines a new property which the certificate authority must understand before it can safely proceed), one may set the issuer critical flag on that record:
```
example.com. IN CAA 0 issue "ca.example.net"
example.com. IN CAA 128 future "value"
```
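The following Python evaluator is an added example, not code from the page, from RFC 8659, or from any certificate authority. It parses zone-file CAA lines of the form used in the Record and Examples sections above and applies the rules they describe: no CAA RRset means unrestricted issuance, a blank issue value forbids all issuance, issuewild takes precedence over issue for wildcard names, and a record carrying the issuer critical flag with a tag the software does not understand stops issuance. The walk up the name tree to find the relevant RRset, and the treatment of an RRset that contains no issue tags as unrestricted, follow RFC 8659. The zone data, the subdomain names locked.example.com and future.example.com, the iodef mailbox and all function names are constructed for the demonstration.

```python
"""Added example, not the page's own code: parse CAA records and decide
whether a given CA may issue for a given name. Rules follow RFC 8659;
all zone data below is constructed for the demonstration."""
import re
from dataclasses import dataclass

CRITICAL = 0x80  # issuer critical flag bit (flags value 128 in the examples)
# Property tags defined at the time of the page; anything else is "unknown".
KNOWN_TAGS = {"issue", "issuewild", "iodef", "contactemail", "contactphone"}

# Zone-file line: owner [TTL] IN CAA flags tag "value"
_LINE = re.compile(r'^(\S+)\s+(?:\d+\s+)?IN\s+CAA\s+(\d+)\s+(\S+)\s+"(.*)"\s*$')


@dataclass(frozen=True)
class CAARecord:
    owner: str
    flags: int
    tag: str
    value: str

    @property
    def critical(self) -> bool:
        return bool(self.flags & CRITICAL)

    def issuer(self) -> str:
        """Issuer domain from an issue/issuewild value, ignoring any
        ';'-separated parameters. Empty string (e.g. ";") means 'no CA'."""
        return self.value.split(";", 1)[0].strip().lower()


def parse_caa(line: str) -> CAARecord:
    """Parse one zone-file style CAA record."""
    m = _LINE.match(line.strip())
    if not m:
        raise ValueError(f"not a CAA record: {line!r}")
    owner, flags, tag, value = m.groups()
    return CAARecord(owner.lower().rstrip("."), int(flags), tag.lower(), value)


def build_zone(lines) -> dict:
    """Group parsed records by owner name: {owner: [CAARecord, ...]}."""
    zone = {}
    for line in lines:
        rec = parse_caa(line)
        zone.setdefault(rec.owner, []).append(rec)
    return zone


def relevant_rrset(zone: dict, fqdn: str) -> list:
    """Return the CAA RRset of the closest name at or above fqdn that has one
    (the RFC 8659 relevant RRset). A leading wildcard label is dropped first."""
    name = fqdn.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    labels = name.split(".")
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]))
        if rrset:
            return list(rrset)
    return []


def may_issue(zone: dict, fqdn: str, ca: str) -> bool:
    """Decide whether the CA identified by `ca` may issue a certificate for
    fqdn (use a leading '*.' for a wildcard certificate)."""
    rrset = relevant_rrset(zone, fqdn)
    if not rrset:
        return True  # no CAA records anywhere up the tree: unrestricted
    # A critical record whose tag we do not understand forbids issuance.
    if any(r.critical and r.tag not in KNOWN_TAGS for r in rrset):
        return False
    wildcard = fqdn.startswith("*.")
    wild = [r for r in rrset if r.tag == "issuewild"]
    plain = [r for r in rrset if r.tag == "issue"]
    # issuewild takes precedence for wildcard requests when any is present;
    # otherwise the issue records govern both kinds of request.
    applicable = wild if (wildcard and wild) else plain
    if not applicable:
        return True  # RRset present but carries no issue restriction
    # A blank issuer (";") contributes nothing, so a lone blank record
    # yields an empty set and forbids every CA.
    return ca.lower() in {r.issuer() for r in applicable if r.issuer()}


def flag_misissuance(zone: dict, ca: str, names) -> list:
    """Third-party monitor view: names the CA issued for that the current
    CAA records do not authorize."""
    return [n for n in names if not may_issue(zone, n, ca)]


# Constructed zone: the page's example.com records plus made-up subdomains.
SAMPLE_ZONE = build_zone([
    'example.com. IN CAA 0 issue "ca.example.net"',
    'example.com. IN CAA 0 issuewild ";"',            # no wildcards at all
    'example.com. IN CAA 0 iodef "mailto:security@example.com"',
    'locked.example.com. IN CAA 0 issue ";"',         # blank issue: nobody
    'future.example.com. IN CAA 128 future "value"',  # critical, unknown tag
    'future.example.com. IN CAA 0 issue "ca.example.net"',
])

if __name__ == "__main__":
    for name in ["www.example.com", "*.example.com", "locked.example.com",
                 "future.example.com", "example.org"]:
        ok = may_issue(SAMPLE_ZONE, name, "ca.example.net")
        print(f"{name:22s} ca.example.net -> {ok}")
```

The same may_issue function serves both sides of the protocol: a CA calls it before issuing, and a monitor checking newly issued certificates against the domain's CAA records (as described in the Record section) calls it through flag_misissuance. Note that the evaluator sees only the zone data it is given; a real CA must also cope with DNS lookup failures and DNSSEC validation, which RFC 8659 covers and this example omits.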
Incidents
In 2017, Camerfirma was found to improperly validate CAA records. Camerfirma claimed to have misunderstood the CA/Browser Forum Baseline Requirements describing CAA validation.[20][4]
In early 2020, Let's Encrypt disclosed that its software improperly queried and validated CAA records, potentially affecting over 3 million certificates.[21] Let's Encrypt worked with customers and site operators to replace over 1.7 million certificates, but decided not to revoke the rest to avoid client downtime, since the affected certificates would all expire in less than 90 days anyway.[22]
See also
- Certificate authority compromise
- Certificate Transparency
- DNS-based Authentication of Named Entities
- HTTP Public Key Pinning
- List of DNS record types
References
- Ristić, Ivan. "SSL/TLS and PKI History". Feisty Duck. Retrieved June 8, 2018.
- Bright, Peter (August 30, 2011). "Another fraudulent certificate raises the same old questions about certificate authorities". Ars Technica. Retrieved February 10, 2018.
- S2CID 5027899.
- S2CID 13988123.
- Hallam-Baker, Phillip; Stradling, Rob (October 18, 2010). DNS Certification Authority Authorization (CAA) Resource Record. IETF. I-D draft-hallambaker-donotissue-00.
- Hallam-Baker, Phillip; Stradling, Rob; Laurie, Ben (June 2, 2011). DNS Certification Authority Authorization (CAA) Resource Record. IETF. I-D draft-ietf-pkix-caa-00.
- Hall, Kirk (March 8, 2017). "Results on Ballot 187 - Make CAA Checking Mandatory". CA/Browser Forum. Retrieved January 7, 2018.
- Beattie, Doug (August 22, 2017). "What is CAA (Certificate Authority Authorization)?". GlobalSign. Retrieved February 2, 2018.
- Cimpanu, Catalin (September 11, 2017). "Comodo Caught Breaking New CAA Standard One Day After It Went Into Effect". Bleeping Computer. Retrieved January 8, 2018.
- "SSL Pulse". SSL Labs. Qualys. January 3, 2020. Retrieved January 31, 2020.
- "Public Key Infrastructure using X.509 (PKIX) Parameters". www.iana.org. Retrieved August 22, 2020.
- https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.6.3.pdf
- Beattie, Doug (January 7, 2019). "Ballot SC14: CAA Contact Property and Associated Phone Validation Methods". CA/Browser Forum (Mailing list). Retrieved October 19, 2020.
- Symantec. Retrieved January 8, 2018.
- Landau, Hugo (October 26, 2016). CAA Record Extensions for Account URI and ACME Method Binding. IETF. I-D draft-ietf-acme-caa-00.
- Landau, Hugo (August 30, 2017). CAA Record Extensions for Account URI and ACME Method Binding. IETF. I-D draft-ietf-acme-caa-04.
- Landau, Hugo (June 21, 2018). CAA Record Extensions for Account URI and ACME Method Binding. IETF. I-D draft-ietf-acme-caa-05.
- "CA:Camerfirma Issues - MozillaWiki". wiki.mozilla.org. Retrieved April 27, 2021.
- Claburn, Thomas (March 3, 2020). "Let's Encrypt? Let's revoke 3 million HTTPS certificates on Wednesday, more like: Check code loop blunder strikes". www.theregister.com. Archived from the original on May 31, 2020. Retrieved April 27, 2021.
- ISSN 1059-1028. Retrieved April 27, 2021.
External links
- RFC 8659
- List of CA identifiers for use in CAA records at Common CA Database