Utilise DNS CAA records, extract authorised CAA's as affiliates, extract emails and URL's from any IODEF reporting destinations #1400
Labels
enhancement
New feature or request
Milestone
Description
Process DNS CAA records, extract anything useful we find.
Usually low value, but sometimes includes interesting email addresses or URL's.
Approved public CA's that have web portals may also be of interest.
https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization
apple.com provides a useful example, as from their CAA records we would currently expect to get the following additional information:
Given "pki.apple.com" is a sub-domain that does not have any A/AAAA/CNAME records ( though it does have TXT's... more on that later :-) ), bbot should at present filter it out from any final results.
Example,
The text was updated successfully, but these errors were encountered: