> On Feb 24, 2019, at 22:03, Hank Nussbacher <[email protected]> wrote: > > Did you have a CAA record defined and if not, why not? If the attacker got a CA to issue the cert because they changed the DNS server to be their own, a CAA record wouldn’t have helped (or at least been even easier to thwart than DNSSEC). Ask
- Re: 2FA, was A Deep Dive on the Recent... Job Snijders
- Re: 2FA, was A Deep Dive on the Recent... Seth Mattinen
- Re: 2FA, was A Deep Dive on the Recent... valdis . kletnieks
- Re: 2FA, was A Deep Dive on the Recent... Matthew Petach
- Re: A Deep Dive on the Recent Widespre... Saku Ytti
- Re: A Deep Dive on the Recent Widespre... Tony Finch
- Re: A Deep Dive on the Recent Widespre... Paul Ebersman
- Re: A Deep Dive on the Recent Widespre... Ross Tajvar
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Bill Woodcock
- Re: A Deep Dive on the Recent Widespread DNS Hijac... Hank Nussbacher
- Re: A Deep Dive on the Recent Widespread DNS H... Ask Bjørn Hansen
- Re: A Deep Dive on the Recent Widespread D... Hank Nussbacher
- Re: A Deep Dive on the Recent Widespread DNS H... Bill Woodcock
- Re: A Deep Dive on the Recent Widespread D... Sander Steffann
- Re: A Deep Dive on the Recent Widespre... Michael Hallgren
- Re: A Deep Dive on the Recent Widespread D... Bjørn Mork
- Re: A Deep Dive on the Recent Widespread D... Ca By
- Re: A Deep Dive on the Recent Widespre... David Conrad
- Re: A Deep Dive on the Recent Widespre... Ca By
- Re: A Deep Dive on the Recent Widespre... John Levine
- Re: A Deep Dive on the Recent Widespre... Bill Woodcock
