Comment by schoen
3 years ago
Multiperspective validation, if the attacker is far enough away from the target site. :-)
I think some of the researchers who wrote about BGP spoofing attacks against Let's Encrypt may have suggested something about logging BGP changes and delaying DV issuance if a network's BGP announcements are too recent, or something? I don't think Let's Encrypt currently checks that, but it could be an interesting data source in the future.
No comments yet
Contribute on Hacker News ↗