Ensure CAs are collecting sufficient data to investigate CAA errors #356
Labels
Comments
CBonnell
changed the title
|
This item was reviewed at the 2022-07-28 meeting. There was agreement that we should revisit at a later date in light of the passage of SC-51 to see what (if any), concrete improvements can be derived from this item. |
|
Discussed at 11/2/23 Validation subcommittee meeting. it’s unclear if this is for CA’s own investigations, or for the forum to use the data. It was suggested this this task should better define 'errors outside the CA's infrastructure'. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://groups.google.com/d/msg/mozilla.dev.security.policy/7AcHi_MgKWE/-E3z-ifLBQAJ
The current requirement is:
"The CA SHALL log all actions taken, if any, consistent with its processing
practice."
Perhaps it needs to be more detailed about the minimum logging necessary, to help diagnose CAA checking failures and possible misissuances.
The text was updated successfully, but these errors were encountered: