|
|
|
|
|
|
by lol768
2625 days ago
|
|
|
> In fact I would say it's more secure. DNS can be spoofed pretty easily. This is a cryptographically signed package How is it more secure? If, as you say, DNS can be spoofed easily - I can easily get a certificate issued with the required extension and make a "cryptographically signed package". |
|
|
Spoofing DNS to clients is much easier than spoofing DNS to certificate authorities. Otherwise domain-validated HTTPS certs wouldn't mean much.