> The party actually running the authoritative DNS servers is in
control of the domain.
I'm not sure I agree. They can control the domain, but they are supposed
to be subordinate of the domain owner. If they did something without the
owner consent/approval, it really looks like a domain hijacking.
> I'm not suggesting that the CA did anything untoward in issuing this
> certificate. I am not suggesting that at all.
My opinion is that if the CA was aware that the owner didn't ask/consent
to that issuance, If it's not a misissuance according to the BRs, it
should be.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy