Y
Hacker News
new
|
ask
|
show
|
jobs
by
crosser
973 days ago
Why not? You could use "certificate usage" value 1 and (if the implementation does not neglect it) immediately notice that validation by CA disagrees with validation by DNS. That should be good enough, no?