Hacker News
by redleader55 126 days ago
While this is true, improvements in the TLS issuance process should also improve security. When the eventual deprecation of TLS-ALPN-01 and DNS-01 comes, this new method would be completely secure.

Here, the record could for example contain a signature from the same key pair used to authenticate the account. The alternative is DNSSEC, but that's avoided by a lot of domains.