Huh? Your site can be already completely hijacked by the same actors. Your browser trusts a lot of CAs so VeriSign (or whoever operates the .com zone) can already issue .com certs. And your only hope is to preload your cert (which is a Chrome only thing, and pretty inefficient and inflexible).
The Convergence Project with notaries is an even better solution.
But using the DNS as the authoritative source of data and using external parties to keep an eye on that would both lead to efficiency (performance, flexibility) and security (as in from the State).
The Convergence Project with notaries is an even better solution.
But using the DNS as the authoritative source of data and using external parties to keep an eye on that would both lead to efficiency (performance, flexibility) and security (as in from the State).