On Tue, Feb 27, 2018 at 10:59 AM, Shumon Huque <shu...@gmail.com> wrote:
> > > Several of us were well aware of this during the early days of the > draft, but perhaps many folks did not fully appreciate the impacts > until I elaborated on them last year, and added text that described > the "adversary with fraudulently obtained PKIX credentials" attack. > Following up to my own message, sorry .. It occurred to me that perhaps a good way to mitigate this risk is a combo of mechanisms like CAA and Certificate Transparency logs. Shumon Huque
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
