Hacker News new | comments | show | ask | jobs | submit login

Interesting tidbit: The CA/B Forum passed a change to the Baseline Requirements attempting to standardize the methods of domain ownership validation back in August of last year[1]. Prior to that, it was essentially up to the CAs to come up with secure methods. The methods described in that change contained mitigations against this vulnerability.

The change never went into effect (practically speaking - it's actually a bit more complex) because a number of CAs in the Forum filed patent exclusion notices, and wouldn't you know it: GoDaddy was one of them. Hope it was worth it.

[1]: https://cabforum.org/2016/08/05/ballot-169-revised-validatio...

[2]: https://cabforum.org/wp-content/uploads/GoDaddy-Ballot-169-E...

Applications are open for YC Winter 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact