Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
tptacek
on Aug 19, 2019
|
parent
|
context
|
favorite
| on:
Google wants to reduce lifespan for HTTPS certific...
CAs are in general CT-logged now, and major sites all monitor the CT logs (hell, even small sites do at this point). If it's so easy to attack DNS to achieve misissuance, why isn't it happening all the time?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
