On 25 March 2015 at 17:21, Jacob Hoffman-Andrews <j...@eff.org> wrote:
>> This seems like a big deal, no? That is, since SNI is one of the few
>> things not protected in the TLS handshake, it does seem spoofable. If
>> there's not something I'm missing, it seems like the proposal should
>> just drop DVSNI altogether.
>
> An attacker who fully controls the network is explicitly not part of the
> threat model for any Domain Validation. None of the available techniques
> for DV, whether they involve fetching a file, sending an email, or doing
> a TLS handshake, can fully mitigate a network attacker.

It has been suggested that some measure of network control can be
mitigated by originating the validation requests from multiple network
locations.  That would be down to CA policy though.
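The multi-vantage-point mitigation suggested above, as an added Python simulation that is not part of this thread or of ACME: the network paths, tokens, probe names and the quorum policy are all constructed assumptions, and the last case shows why it still does not help against an attacker who controls every path.

```python
from typing import Iterable, Optional, Set

EXPECTED_TOKEN = "tok-constructed-0001"  # challenge token the CA issued (constructed)
NO_CHALLENGE = "no-challenge-served"     # answer of a host that never requested a cert


def observe(path: str, host_answer: str, attacker_paths: Set[str],
            down_paths: Set[str]) -> Optional[str]:
    """Answer seen from one vantage point, which reaches the host over `path`.
    Whoever requested the certificate knows EXPECTED_TOKEN, so an attacker
    serves it on every path they control; elsewhere the genuine host answers;
    a path that is down yields nothing."""
    if path in down_paths:
        return None
    if path in attacker_paths:
        return EXPECTED_TOKEN
    return host_answer


def validate(vantage_paths: Iterable[str], host_answer: str, attacker_paths: Set[str],
             down_paths: Set[str] = frozenset(), required: int = 1) -> bool:
    """CA policy: at least `required` reachable vantage points must see the
    expected token and none may see a conflicting answer, because a split view
    across paths is the signature of a partially controlled network."""
    answers = [observe(p, host_answer, attacker_paths, down_paths) for p in vantage_paths]
    reachable = [a for a in answers if a is not None]
    agree = sum(1 for a in reachable if a == EXPECTED_TOKEN)
    conflict = any(a != EXPECTED_TOKEN for a in reachable)
    return agree >= required and not conflict


def scenarios() -> dict:
    """Constructed cases; in the attacks the attacker hijacks the CA's own path."""
    ca_only = ["path-ca"]
    multi = ["path-ca", "path-eu", "path-apac"]
    return {
        # Legitimate owner: the host really serves the token; one probe is down.
        "owner_one_probe_down": validate(multi, EXPECTED_TOKEN, set(), {"path-apac"}, 2),
        # One vantage point on a hijacked path: the forged answer is all the CA sees.
        "single_vantage_hijacked": validate(ca_only, NO_CHALLENGE, {"path-ca"}),
        # Same attacker, but the other probes reach the genuine host and disagree.
        "multi_vantage_partial_attacker": validate(multi, NO_CHALLENGE, {"path-ca"}, set(), 2),
        # Attacker controlling every path: no DV technique can tell the difference.
        "multi_vantage_full_network": validate(multi, NO_CHALLENGE, set(multi), set(), 2),
    }
```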

_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme