Abstract

Pouyan Fotouhi Tehrani, Raphael Hiesgen, Thomas C. Schmidt, Matthias Wählisch,
A Call to Reconsider Certification Authority Authorization (CAA),
IEEE Security \& Privacy, IEEE Press : Piscataway, NJ, USA, 2025. (in press)
[html][pdf][BibTeX][Abstract]

Abstract: Certification Authority Authentication (CAA) is a safeguard against illegitimate certificate issuance. We show how shortcomings in CAA concepts and operational aspects undermine its effectiveness in preventing certificate misissuance. Our discussion reveals pitfalls and highlights best practices when designing security protocols based on DNS.

Themes: Internet Measurement and Analysis , Network Security

 

This page generated by bibTOhtml on Wed 22 Jan 2025 12:05:05 AM UTC