> -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Marsh Ray > > What if they maliciously pinned you to a floundering CA?
What is they compromised your DNS server and sent out bogus A records with a crazy long TTL? I think trying to make HSTS and TLS, protocols that rely on a private key staying secret, resilient completely against a key compromise, for all manner of attacks, simply isn't practical.... - Andy _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
