|
|
|
|
|
|
by hackhat
4105 days ago
|
|
|
Imo the problem is of the issuer. They only opens holes by doing this kind of things. Imagine if you already secured the admin@domain.com and tomorrow the issuer thinks that admin-ssl@domain.com could be used for validation. Now what, you should keep up with their updates every hour? |
|
|