|
|
|
|
|
|
by eganist
3568 days ago
|
|
|
I'm not sure how reliable this would be. E.g. an attacker with sufficient capability to launch an attack like RansomPKP (which requires a web server compromise or equivalent) would—on first glance, anyway—also be able to undermine these mitigations. Technion's point about certificate transparency is probably the closest to solving what you're aiming for. |
|
|