undefined | Better HN

0 pointsbawolff2y ago0 comments

Generally yes, but there is a slight mitigating factor that certificate transparency makes it very public who you are attacking.

In theory, if it was just your site ip that was attacked and not your dns provider, CAA record can protect you. Probably one of the few cases where dns-sec is actually useful. All that though is an edge case that probably doesn't apply 99% of the time.

0 comments

3np2y ago

> All that though is an edge case that probably doesn't apply 99% of the time.

The same could be said for many necessary security measures.

j / k navigate · click thread line to collapse

0 comments

3np2y ago

> All that though is an edge case that probably doesn't apply 99% of the time.

The same could be said for many necessary security measures.

j / k navigate · click thread line to collapse