Closed davkastheranger closed 6 years ago
@davkastheranger could you clarify? Do you mean they added CAA records for your zones without you asking them to? If so, what did the CAA records contain?
Yes, they issued the records without notification or consent. They created a CAA record for my wildcard cert (issuewild) for globalsign and alphassl (alphassl resell globalsign certs). I ended up adding another CAA record with an iodef tag for notifications.
Used GoDaddy's DNS management screens to manually add CAA for a domain the other day, and verified the configuration w/ SSL Labs' SSL Test. The screens are still as shown above.
@waded cool, thanks for chiming in! I just added GoDaddy to https://sslmate.com/caa/support
Did you see any automatically-added CAA records like @davkastheranger reported?
@AGWA I didn't. I was in the process of moving this domain back to GoDaddy's DNS; they didn't add any CAA records for me as I did that. I don't have other domains w/ GoDaddy's DNS to check.
@waded Thanks.
I think it's pretty unlikely that GoDaddy is adding automatic CAA records, especially for a competitor, so I'm going to close this ticket.
https://www.godaddy.com/help/using-caa-records-with-your-ssl-certificate-27227 It doesn't explicitly say it does in this, but They automatically created issuewild CAA records for my DNS Zones.