search

intrigueio / intrigue-core

Discover Your Attack Surface!
https://core.intrigue.io
Other
1.36k stars 267 forks source link

Implementing DNS CAA checker #305

Closed jen140 closed 3 years ago

jen140 commented 3 years ago

Added an issue when CAA record not found and added the handler and updated dns handler to support it.

"DNS Certification Authority Authorization (CAA) is an Internet security policy mechanism which allows domain name holders to indicate to certificate authorities whether they are authorized to issue digital certificates for a particular domain name."

shpendk commented 3 years ago

Changes needed:

  1. Typo fix as requested by jcran
  2. Better description. The description is currently incomplete, and it also only explains what a CAA is. It must explain what the issue is (missing CAA) and the impact it has (allowing any CA to generate certificates increases the risk of exposure if a CA is compromised)
  3. Issue and Task must have the same class name
  4. Create a new branch starting from the current develop branch, add changes, and create new PR.

It looks like you either started from a very old commit, or you merged master (which itself is old). Hence, I am kindly asking to create a new branch starting from develop. Please always use the latest version of develop, and also make PRs against develop branch.