by btgeekboy 4152 days ago
Is that any worse than what we have now? If I can hijack your DNS, I can certainly insert or replace enough infrastructure to acquire a basic cert from numerous providers. All I really need is to hijack the MX. Bonus points if I can do it without you knowing, such that mail is first delivered to me and then on to you.

In other words, if you could put a CA into a TXT record at the root of the domain and have browsers/etc trust it, how is it any less secure than what we have now?

The scenario you've described leaves an audit trail. If you don't have a CA, hijacking the DNS means you can pull off an attack completely silently.