Richard Freeman wrote:
While somebody might be able to hijack your domain for an hour to get a
cert, I doubt they could maintain this for weeks at a time and avoid
detection.
Actually this is another issue, if they can hijack your email for an hour they can hijack your domain for life as most registrars send passwords, changes to your domain name in plain text emails...
--
Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers
"In the long run the pessimist may be proved right,
but the optimist has a better time on the trip."
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
