Hacker News

toast0, yesterday at 5:16 PM

If the DNS takeover is limited in scope, the legitimate owner wouldn't be able to query it.

CT addresses scoped attacks by making all webpki trusted certificates public knowledge. You would want something similar with DANE.