Educause Security Discussion mailing list archives
Re: Certificate Authority Authorization (CAA)
From: Frank Barton <bartonf () HUSSON EDU>
Date: Fri, 2 Oct 2020 09:10:23 -0400
Nadim, YES, I also strongly setting up something to monitor Certificate Transparency reports to monitor for certificates being issued Frank On Thu, Oct 1, 2020 at 2:55 PM Nadim El-Khoury <nel-khoury () springfield edu> wrote:
Hi Ken, Frank, Thank you for the feedback. Do you recommend that it gets implemented? Best, Nadim On Thu, Oct 1, 2020 at 1:32 PM Johnson, Ken <kenjohnson () letu edu> wrote:We set one up a couple years back – we have it limited to our legacy external CA provider as well as LetsEncrypt and have wildcards turned off. We used to have challenges with external providers wanting to be added and we did some host-based CAA stuff that worked with extra effort – but these days I think all our external vendors use LE so there aren’t really any issues anymore. *Ken Johnson * Chief Information Officer [o] 903.233.3500 [w] www.letu.edu *| *[t] @letuit <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fletuit&data=02%7C01%7C%7C0eac38a07f824368e8b908d5fca3c6a4%7C97a5855489f64d5a9806dd0ee085d235%7C1%7C0%7C636692702694986109&sdata=eDbAGos5PRiB%2B6%2B1fIoxbE8l%2FHstj0zh61ZboGHIiIc%3D&reserved=0> *From:* The EDUCAUSE Security Community Group Listserv < SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Nadim El-Khoury *Sent:* Monday, September 28, 2020 1:39 PM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Certificate Authority Authorization (CAA) Hi Everyone, Has anyone setup Certificate Authority Authorization (CAA) for their domain? If you did, did it work as expected or ran into issues? Best, Nadim ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Ckenjohnson%40LETU.EDU%7C91ecbe59b5624ab1fc6808d863ddda10%7C97a5855489f64d5a9806dd0ee085d235%7C1%7C1%7C637369151800212099&sdata=JB2rwKAT8RIWAWF6282rGbwEaxTVB79lrHPY9YlcHnc%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
-- Frank Barton, MBA Security+, ACMT, MCP IT Systems Administrator Husson University PGP Key Fingerprint: 0249DC644EC78D2F6B5CD2C6C94D3EDB57946437 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Re: Certificate Authority Authorization (CAA) Johnson, Ken (Oct 01)
- Re: Certificate Authority Authorization (CAA) Nadim El-Khoury (Oct 01)
- Re: Certificate Authority Authorization (CAA) Frank Barton (Oct 02)
- Re: Certificate Authority Authorization (CAA) Matt Weatherford (Oct 02)
- Re: Certificate Authority Authorization (CAA) Nadim El-Khoury (Oct 02)
- Re: Certificate Authority Authorization (CAA) Nadim El-Khoury (Oct 02)
- Re: Certificate Authority Authorization (CAA) Frank Barton (Oct 02)
- Re: Certificate Authority Authorization (CAA) Nadim El-Khoury (Oct 01)