When setting up secure server, it is suggested not to use self-signed certs and instead to be signed by a CA. Of course, post-Snowden we now know that there may be problems with CA's that could allow MITM attacks.
My question then is if a domain is setup with proper DNSSEC, is it immune from the types of MITM attacks that would be available via a compromised CA? (I hope that came out right)
Aucun commentaire:
Enregistrer un commentaire