@misc{rfc8657,
    series =    {Request for Comments},
    number =    8657,
    howpublished =  {RFC 8657},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC8657},
    url =       {https://www.rfc-editor.org/info/rfc8657},
    author =    {Hugo Landau},
    title =     {{Certification Authority Authorization (CAA) Record Extensions for Account URI and Automatic Certificate Management Environment (ACME) Method Binding}},
    pagetotal = 11,
    year =      2019,
    month =     nov,
    abstract =  {The Certification Authority Authorization (CAA) DNS record allows a domain to communicate an issuance policy to Certification Authorities (CAs) but only allows a domain to define a policy with CA-level granularity. However, the CAA specification (RFC 8659) also provides facilities for an extension to admit a more granular, CA-specific policy. This specification defines two such parameters: one allowing specific accounts of a CA to be identified by URIs and one allowing specific methods of domain control validation as defined by the Automatic Certificate Management Environment (ACME) protocol to be required.},
}