On Friday, September 9, 2016 at 11:13:49 AM UTC-4, Han Yuwei wrote:
> On Friday, September 9, 2016 at 12:00:15 AM UTC+8, Stephen Schrauger wrote:
> > Regarding the specific file verification method:
> >
> > It proves you control the web server that runs under the domain. Which is
> > more or less all that you need to prove, since a TLS certificate is
> > designed for web security.
> >
> > If you don't control DNS, but you do control the web server, you
> > essentially control the domain as far as web browsing goes, and thus you
> > should be able to acquire a certificate for that domain. Which is probably
> > why it is included in the Baseline Requirements as an acceptable validation
> > method.
>
> My concern is there could be multiple websites deployed on one host. So the
> host admin could issue a certificate for a domain. Since the validation period
> is typically 1 year or more, it's a security concern if the domain owner has
> changed the record but the certificate wasn't revoked.

Yes, the host admin has that ability. They also have the ability to modify the website in general. Anytime you use a hosted service, you have to trust the server admins. Being able to get a certificate is the least of the website owner's worries.

As far as validation periods go, this is true for any certificate on any domain. I could get a certificate for my domain today, valid for 3 months or 3 years, and then tomorrow transfer the domain to someone else. I still have a certificate, and I don't control the domain anymore. This is a non-issue, since nothing could feasibly prevent such a scenario.

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

