Azure DNS updates the CAA Record Support allows the domain owners to specify work authorities and provide them certificates without facing any difficulty. Certification Authority Authorization (CAA) resources need proper checking from now on and it has made mandatory to ensure maximum protection. The proper checking of the domain authority is made to provide flawless security and prevent the misuse of certificates. The users will be properly monitored and the risk of unintended certificate award will be mitigated.
Following are the three major properties which are supported by CAA record type support:
Flags are the unsigned integers and they have a specific meaning per RFC. The values of flags are between 0-255 and they usually used to signify a critical flag.
Tag is another property which is supported by DNS Updates and it’s known as ASCII string. Issue, Issuewild, and Iodef are the types of strings in a tag. The domain owners can specify CAs with Issue string and only authorized owners are allowed to perform this task. Similarly, Issuewild helps the certified domain owners to specify CAs. Wildcard certs are only certificates which certified domain owners can issue. To assign and specify an email address or hostname, the users can use Iodef and can be notified of the certificate and issuance request. The restrict procedure never authorized the domain if you fail to properly follow the procedure.
It demonstrates the value associated with the specific tag used and DNS supports this property too. The users are allowed to use Azure platforms such as CLI, PowerShell, and Azure Rest API to create and manage their CAA Records.
Properties of IPv6 Nameservers
Azure DNS can now support IPv6 queries and the support is made on the excessive demand and use of the service by Azure users over the past few years. You can find Azure DNS Nameserver in Azure support which you can sue for the DNS zone present in Azure DNS. The below-mentioned portal screen is a pictorial depiction of how IPv6 Nameserver does its work.
Likewise, the users can find out the address of IPv6 for the server names which are running on the tcommands like nslookup.