Reply to post: Re: Compromised CA

How to nab a HTTPS cert for a stranger's website: Step one, shatter those DNS queries...

Charles 9 Silver badge

Re: Compromised CA

I don't think so. They would only have to compromise ONE and then block the rest. Still quite possible. And I don't know of a way around this kind of system. DNS basically relies on Trent to work, and Trent can be replaced or subverted.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021