Hacker News
by niij 3057 days ago
Having any valid cert (DV or otherwise) proves that you are viewing the example.com that the owner of example.com wants you to see. Without a certificate, you can/will be MITMed.

>It's just too easy to get them to think they really mean anything.

I'm not sure what you mean by this:

1. Are you saying that there is a vulnerability where you can get a valid certificate for a domain you don't own?

2. Do you mean the fact that valid owners of a domain can get a certificate easily?

If 1, please provide more info. If 2, why is that a bad thing?