chiark / gitweb /
~mdw / zones / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
*.lisp: Add CAA records to discourage wrong CAs from issuing.
[zones] / escorted.lisp
diff --git a/escorted.lisp b/escorted.lisp
index ab5c5b3ef8c576dfef75c9a99cb15f348d84c424..e2f542d962e8de9a611cf638d11c445a7f7b7ce5 100644 (file)
--- a/escorted.lisp
+++ b/escorted.lisp
@@ -20,6 +20,10 @@ (defzone escorted.org.uk
   ;; Web service.
   ((@ www) :svc stratocaster)
 
+  ;; Certification.
+  :caa ((:issue "letsencrypt.org")
+       (:issue "distorted.org.uk"))
+
   ;; Mail servers
   :mx ((mail :ip stratocaster))
   :srv ((:smtp mail))
Zone files for the DNS zones I administer