Comment by Jenda_

3 years ago

> then Huawei can issue a Let's Encrypt certificate for Google, right?

Google has CAA records set (https://www.entrust.com/resources/certificate-solutions/tool...) and I guess CAs will have denylists of "popular" domains, so no.

> And any large national ISP can use MitM to issue fake certificates for any site hosted within that country?

Yes. You can fix this by CAA and ACME-CAA.

I can't think of a way to validate DV certificates in a better way that will resist this kind of attack.

Multiperspective validation, if the attacker is far enough away from the target site. :-)

I think some of the researchers who wrote about BGP spoofing attacks against Let's Encrypt may have suggested something about logging BGP changes and delaying DV issuance if a network's BGP announcements are too recent, or something? I don't think Let's Encrypt currently checks that, but it could be an interesting data source in the future.