Hacker News
by nadams 4154 days ago
I'm sorry I didn't make that clearer - that was a hypothetical question. The question is a loaded question and it raises other deeper-rooted issues like what you pointed out (MITM attacks against DNS being one such example).

There would have to be some sort of authoritative list where it says "this CA cert can sign certificates only for this domain". However, such a system as I described would basically be CAs as they currently stand. The question/problem is who would maintain such a list? This is a hard question considering we can't even agree on web standards coughMicrosoftcough.