5 Mar
2020
5 Mar
'20
7:36 a.m.
On Wed, 4 Mar 2020 11:00:40 +1300, Peter Reutemann quoted:
'On Leap Day, Let's Encrypt announced that it had discovered a bug in its CAA (Certification Authority Authorization) code.'
I think this only applies to wildcard domain certs (e.g. “*.example.com”). The mechanism for issuing a cert to a specific domain (e.g. “www.example.com”) does not use DNS CAA records. I say this because I didn’t need to set up a CAA record for any of the domains for which I have obtained Let’s Encrypt certs. <https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization>