top | item 43738802 (no title) mukesh610 | 10 months ago Even then, use of a DNS CAA record should mitigate this, right? discuss order hn newest AdamJacobMuller|10 months ago Maybe?I wouldn't assume that the bug doesn't bypass CAA checking.Very important question to answer. jsheard|10 months ago Yeah - unless you're an actual SSL.com customer, in which case your CAA records would allow it. That's a much smaller blast radius at least.
AdamJacobMuller|10 months ago Maybe?I wouldn't assume that the bug doesn't bypass CAA checking.Very important question to answer.
jsheard|10 months ago Yeah - unless you're an actual SSL.com customer, in which case your CAA records would allow it. That's a much smaller blast radius at least.
AdamJacobMuller|10 months ago
I wouldn't assume that the bug doesn't bypass CAA checking.
Very important question to answer.
jsheard|10 months ago