PHP :: Request #73850 :: dns_get_record lacks support for RFC6844 CAA record type

Request #73850	dns_get_record lacks support for RFC6844 CAA record type
Submitted:	2017-01-02 11:39 UTC	Modified:	2017-01-18 18:41 UTC
From:	marcus at synchromedia dot co dot uk	Assigned:	krakjoe (profile)
Status:	Closed	Package:	Network related
PHP Version:	7.1.0	OS:	any
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	marcus at synchromedia dot co dot uk
New email:
PHP Version:		OS:

New Comment:

[2017-01-02 11:39 UTC] marcus at synchromedia dot co dot uk

Description:
------------
The CAA record type is a security related DNS record type used to validate encryption  certificate issuers for a domain. In purpose it has quite a lot in common with HPKP certificate pinning, but with fewer downsides. Ideally it is combined with DNSSEC.

CAA is defined in RFC 6844: https://tools.ietf.org/html/rfc6844

It defines a new DNS record type with code 257 (see section 7.1 of the RFC)

PHP lacks support for this record type, so it cannot be queried using dns_get_record in PHP.

CAA is not yet seeing widespread take-up, however, it is supported by the letsncrypt.org CA, and that is becoming very popular - control panels etc that support DNS and TLS configuration are thus likely to need support for this record type in PHP.

Test script:
---------------
var_dump(dns_get_record('php.net', DNS_CAA));

Patches

Pull Requests

Pull requests:

DNS CAA record type for dns_get_record implementation and tests (php-src/2272)

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-01-18 18:41 UTC] krakjoe@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: krakjoe

[2017-01-18 18:41 UTC] krakjoe@php.net

The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

This was merged.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 28 12:01:28 2024 UTC