amazon-archives / certlint

X.509 certificate linter
Apache License 2.0

CAA information for domains in certificate #61

Open Santhanraj opened 6 years ago

Santhanraj commented 6 years ago

Adds a "-CAA" flag which performs a real-time CAA check as per RFC 6844 Section 4 (Errata 5065, 5097). The resulting record is printed as a message with the "CAA:" tag; however, the record values are accessible through a hash which can be used in monitoring systems, e.g., monitor new certs in CT. If the cert was issued recently, and if the CAA information disallows such an issuance, it can be flagged for investigation.
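To show the kind of check the flag is meant to support, here is an added example (my own illustration, not code from this PR or from certlint) of the RFC 6844 Section 4 lookup: climb from the certificate name to its parents, use the first CAA record set found, and decide whether the named issuer is allowed for each SAN. It assumes a constructed static table in place of live DNS (so CNAME/DNAME handling from the errata is out of scope) and hypothetical issuer domains `ca-a.example` / `ca-b.example`; RFC 8659 has since obsoleted RFC 6844 but keeps this tree-climbing rule.

```ruby
# Added example (not certlint's code): evaluate a certificate's DNS names
# against CAA as in RFC 6844 Section 4, for CT-monitoring style triage.

# Constructed CAA data standing in for DNS: domain => [[flags, tag, value], ...].
CAA_ZONE = {
  "example.com"        => [[0, "issue", "ca-a.example"]],
  "strict.example.com" => [[0, "issue", ";"]],          # nobody may issue
  "wild.example.com"   => [[0, "issue", "ca-a.example"],
                           [0, "issuewild", "ca-b.example; account=42"]],
}.freeze

# RFC 6844 Section 4: look for a CAA record set at the name itself, then at
# each parent in turn, and use the first set found (CNAME/DNAME steps omitted).
def relevant_caa_set(domain, zone = CAA_ZONE)
  labels = domain.downcase.chomp(".").split(".")
  until labels.empty?
    name = labels.join(".")
    return zone[name] if zone.key?(name)
    labels.shift
  end
  [] # no CAA anywhere up the tree: issuance is unrestricted
end

# The issuer-domain-name is the part of the value before any ";" parameters;
# an empty issuer-domain-name (e.g. ";") authorizes no CA at all.
def issuer_domain(value)
  value.split(";", 2).first.to_s.strip.downcase
end

# Decide whether +issuer+ may issue for +name+. A wildcard name uses
# "issuewild" when the relevant set has one, otherwise falls back to "issue".
def caa_permits?(name, issuer, zone = CAA_ZONE)
  wildcard = name.start_with?("*.")
  set = relevant_caa_set(wildcard ? name.sub(/\A\*\./, "") : name, zone)
  return true if set.empty?
  tag = "issue"
  tag = "issuewild" if wildcard && set.any? { |_, t, _| t == "issuewild" }
  records = set.select { |_, t, _| t == tag }
  return true if records.empty? # no record for this property: not restricted
  records.any? { |_, _, v| issuer_domain(v) == issuer.downcase }
end

# Monitoring view: the SANs of a newly seen certificate that CAA does not
# permit +issuer+ to cover; a non-empty result is worth investigating.
def caa_violations(san_names, issuer, zone = CAA_ZONE)
  san_names.reject { |n| caa_permits?(n, issuer, zone) }
end
```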