> You are working on wrong assumptions. The DV certs are exactly as > strong as your DNS is. You only need to attack DNS to issue a DV cert. > > Ondrej Sury
Certificate issuance is not the end of the game. Clients have opportunity to avoid being fooled by a DV certificate if they choose. Why disarm the client? _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
