Who cares about domain hijacking any more?
Websites should use TLS by default now, and if an ISP has been able to get hold of a cert-issuing-cert signed by a CA in the default CTL, this just goes to show that the whole CA ecosystem is broken.
Websites should use TLS by default now, and if an ISP has been able to get hold of a cert-issuing-cert signed by a CA in the default CTL, this just goes to show that the whole CA ecosystem is broken.