Tim Newsham wrote:
dns is a non-issue if the rest of ssl is working. dns is irrelevant if it isn't.Except when SSL has chinks in its armor. Like incidents of certificate authorities being convinced to give out certs fordomains that don't belong to the requestor.
http://instigations.com/fudili/certsetc.html (scroll down)