Neither CAA nor DNSSEC mitigate registry compromises. On Sun, Nov 5, 2017 at 9:15 AM Daniel Cater via dev-security-policy < [email protected]> wrote:
> Hmm, CAA records could also potentially be spoofed in this situation, in > which case they would also not be trustworthy (save for cached records with > a long TTL). > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
