by ocdtrekkie 2175 days ago
DNS providers should be your HTTPS providers though. Presumably the certs your browser would have to "just know" would be for the root TLDs, so you could verify with them what DNS provider a given domain was entrusted to, and then query that DNS provider whether or not your domain's certificate was legitimate.

The idea that any CA can issue a valid cert for any domain is the heart of what's wrong with PKI.


The name constraint extension (https://tools.ietf.org/html/rfc5280#section-4.2.1.10) can help a lot with that; we chose to trust CAs for all names, but we could have had CAs for a way more limited set of domains.

Software support is far from universal sadly.
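As an added illustration of the point above (not code from the thread), the script below builds a private CA carrying a critical nameConstraints extension that only permits names under example.com, has it sign one in-scope and one out-of-scope leaf, and shows that the relying party, not the CA, is what rejects the out-of-scope certificate. It assumes a POSIX shell and the openssl CLI (1.1 or newer); all names and files are constructed for the example.

```shell
#!/bin/sh
# Added example: a name-constrained CA (RFC 5280 s4.2.1.10) checked by openssl verify.
set -e
WORK=$(mktemp -d)
cd "$WORK"

# CA request config; the critical nameConstraints limits what this CA may vouch for.
cat > ca.cnf <<'EOF'
[req]
prompt = no
distinguished_name = dn
x509_extensions = v3_ca
[dn]
CN = Constrained Example CA
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
nameConstraints = critical, permitted;DNS:example.com
EOF

openssl req -x509 -new -newkey ec -pkeyopt ec_paramgen_curve:P-256 -nodes \
  -keyout ca.key -out ca.crt -days 30 -config ca.cnf 2>/dev/null

# issue_leaf HOST: the CA signs whatever it is asked to; the constraint is
# enforced by the verifier at chain-validation time, not at issuance.
issue_leaf() {
  openssl req -new -newkey ec -pkeyopt ec_paramgen_curve:P-256 -nodes \
    -keyout "$1.key" -out "$1.csr" -subj "/CN=$1" 2>/dev/null
  printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:%s\n' "$1" > "$1.ext"
  openssl x509 -req -in "$1.csr" -CA ca.crt -CAkey ca.key -CAcreateserial \
    -out "$1.crt" -days 30 -extfile "$1.ext" 2>/dev/null
}

# verify_leaf HOST: exit 0 only if openssl accepts the chain, which includes
# checking every SAN against the CA's permitted subtrees.
verify_leaf() {
  openssl verify -CAfile ca.crt "$1.crt" 2>/dev/null | grep -q ': OK$'
}

issue_leaf www.example.com    # inside the permitted subtree
issue_leaf login.example.org  # outside it; the CA still signs it
for h in www.example.com login.example.org; do
  if verify_leaf "$h"; then echo "$h: accepted"; else echo "$h: rejected by name constraint"; fi
done
```

The out-of-scope leaf is a perfectly well-formed certificate; only a verifier that implements the extension turns the constraint into an actual limit, which is why the comment's caveat about software support matters.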