Skip to main content

2.2. Defined Terms

2.2 Defined Terms

The following terms are used in this document:

Certificate: An X.509 Certificate, as specified in [RFC5280].

Certificate Evaluator: A party other than a Relying Party that evaluates the trustworthiness of certificates issued by Certification Authorities.

Certification Authority (CA): An Issuer that issues certificates in accordance with a specified Certificate Policy.

Certificate Policy (CP): Specifies the criteria that a CA undertakes to meet in its issue of certificates. See [RFC3647].

Certification Practices Statement (CPS): Specifies the means by which the criteria of the CP are met. In most cases, this will be the document against which the operations of the CA are audited. See [RFC3647].

Domain Name: The label assigned to a node in the Domain Name System.

Domain Name System (DNS): The Internet naming system specified in [RFC1034] and [RFC1035].

DNS Security (DNSSEC): Extensions to the DNS that provide authentication services as specified in [RFC4033], [RFC4034], [RFC4035], [RFC5155], and any revisions to these specifications.

Fully Qualified Domain Name (FQDN): A domain name that includes the labels of all superior nodes in the DNS.

Issuer: An entity that issues certificates. See [RFC5280].

Property: The tag-value portion of a CAA Resource Record.

Property Tag: The tag portion of a CAA Resource Record.

Property Value: The value portion of a CAA Resource Record.

Relevant Resource Record Set (Relevant RRset): A set of CAA Resource Records resulting from applying the algorithm in Section 3 to a specific FQDN or Wildcard Domain Name.

Relying Party: A party that makes use of an application whose operation depends on the use of a certificate for making a security decision. See [RFC5280].

Resource Record (RR): A particular entry in the DNS, including the owner name, class, type, time to live, and data, as defined in [RFC1034] and [RFC2181].

Resource Record Set (RRset): A set of RRs of a particular owner name, class, and type. The time to live on all RRs within an RRset is always the same, but the data may be different among RRs in the RRset.

Wildcard Domain Name: A domain name consisting of a single asterisk character followed by a single "full stop" character ("*.") followed by an FQDN.

Last updated on