> You are working on wrong assumptions. The DV certs are exactly as
> strong as your DNS is. You only need to attack DNS to issue a DV cert.
> 
> Ondrej Sury

Certificate issuance is not the end of the game.  Clients have opportunity to 
avoid being fooled by a DV certificate if they choose.  Why disarm the client?  
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to