alt Hacker NewsEven with CAA records, any CA can still create a cert for any website. So if you're worried about an untrustworthy CA, then this won't help you.
It could make it less likely for a CA with buggy code to accidentally issue a cert for your domain.
Even with CAA records, any CA can still create a cert for any website. So if you're worried about an untrustworthy CA, then this won't help you.
It could make it less likely for a CA with buggy code to accidentally issue a cert for your domain.