Constellix DNS Now Supports CAA Records

Share Article

Constellix DNS announces the addition of CAA records, which work with certification authorities to improve the security of domains.

Constellix CAA Records
Any client using SSL certificates to secure their domain is advised to configure CAA records to safeguard their security.

Tiggee subsidiary, Constellix, announces that Constellix DNS will now support CAA (Certificate Authority Authorization) records. This record type allows the domain name holder to specify one of or more CAs (Certificate Authorities) to issue certificates for that domain, according to RFC 6844.

“Any client using SSL certificates to secure their domain is advised to configure CAA records to safeguard their security,” says President of Constellix Steven Job. “In the past, HTTPS secured domains have been compromised due to certification misuse.” CAA records seek to solve this issue by declaring the domain owner’s preferred CA, eliminating the risk of false CAs from issuing fake certificates.

Websites that use HTTPS without CAA are putting themselves and their clients at risk. In the past, malicious parties were able to distribute malware, intercept secure traffic, and sell illegitimate certificates because websites weren’t able to declare their preferred CA. CAA records prevent this from happening, because domain administrators can specify the exact CA that is authoritative for issuing their domain’s certificates.

Domain security has growing implications according to news from Google that is now considering HTTPS is a ranking signal. Domain administrators need to switch to HTTPS, because in the near future Google will consider HTTP domains as insecure and penalize them in search results. Domain owners that make the switch to HTTPS should also add the appropriate CAA record(s) to ensure security.

CAA records can be customized to prefer different CAs, specify wild card domains, and receive emails when CAs find certificate policy violations.

Full documentation of how Constellix DNS allows the configuration of CAA records can be found on its help site.

About Constellix
Constellix is a subsidiary of Tiggee, the creators of DNS Made Easy, and the industry leader in providing IP Anycast enterprise DNS services. Constellix is an Internet Traffic Optimization Services (ITOS) company and trailblazer in next-generation traffic management solutions. The Constellix GeoDNS platform offers the most powerful and precise DNS query management, engineered for the cloud. The platform is fully integrated with Constellix Sonar, which offers a range of advanced monitoring features and intelligent analytics tools.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Blair McKee
Constellix
+1 (703) 880-3095 Ext: 1
Email >
@Constellix
since: 02/2011
Follow >
Constellix
Like >
Constellix

Follow us on
Visit website