Publication detail

1. Pouyan Fotouhi Tehrani, Raphael Hiesgen, Thomas C. Schmidt, Matthias Wählisch
   A Call to Reconsider Certification Authority Authorization
   IEEE Security & Privacy, 24(1), pp. 35–43, 2026
   DOI (opens in new tab) PDF BibTeX Abstract

Abstract

Certification Authority Authentication (CAA) is a safeguard against illegitimate certificate issuance. We show how shortcomings in CAA concepts and operational aspects undermine its effectiveness in preventing certificate misissuance. Our discussion reveals pitfalls and highlights best practices when designing security protocols based on the Domain Name System.

Topics: Network Security, Internet Measurements and Analysis, Network Management