On Wed, 25 Apr 2018, Ryan Hurst via dev-security-policy wrote:
> Multiple perspectives are useful when relying on any insecure third-party resource; for example DNS or Whois. This is different than requiring multiple validations of different types; an attacker that is able to manipulate the DNS validation at the IP layer is also likely going to be able to do the same for HTTP and Whois.
which is why in the near future we can hopefully use RDAP over TLS (RFC 7481) instead of WHOIS, and of course, since the near past, DNSSEC :)

I'm not sure how useful it would be to have multiple network points for ACME testing - it will just lead to the attackers doing more than one BGP hijack at once. In the end, that's a numbers game with a bunch of race conditions.

But hey, it might lead to actual BGP security getting deployed :)

Paul

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
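As an added illustration of the "numbers game" in the exchange above: this is example code written for this page, not code from Mozilla, any CA, or the ACME specification. It models a CA that looks up the challenge TXT record from several vantage points and accepts only on a quorum, with the extra rule that any perspective which reaches the authoritative answer and does not see the token vetoes the validation. The vantage-point names, the quorum of 3 and the token "T" are constructed for the example.

```python
"""
Quorum-based multi-perspective DNS validation (added illustration, not CA code).
Vantage-point names, quorum sizes and the challenge token are constructed here.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Lookup:
    """One vantage point's view of the _acme-challenge TXT record.

    records: TXT strings returned; [] when the authoritative answer carries no
             such record (NXDOMAIN / NODATA); None when the lookup failed or
             timed out, i.e. this perspective gives no information either way.
    """
    vantage: str
    records: Optional[List[str]]


@dataclass(frozen=True)
class Verdict:
    accepted: bool
    confirming: List[str]
    denying: List[str]
    unreachable: List[str]
    reason: str


def evaluate(token: str, lookups: List[Lookup], quorum: int) -> Verdict:
    """Accept only if at least `quorum` perspectives saw the token and no
    perspective that got an authoritative answer saw it missing. A negative
    answer from any vantage point is treated as evidence that the positive
    answers were spoofed on the path to those vantage points."""
    confirming = [l.vantage for l in lookups
                  if l.records is not None and token in l.records]
    denying = [l.vantage for l in lookups
               if l.records is not None and token not in l.records]
    unreachable = [l.vantage for l in lookups if l.records is None]
    if denying:
        return Verdict(False, confirming, denying, unreachable,
                       "perspectives disagree: %s did not see the token"
                       % ",".join(denying))
    if len(confirming) < quorum:
        return Verdict(False, confirming, denying, unreachable,
                       "only %d of %d required perspectives confirmed"
                       % (len(confirming), quorum))
    return Verdict(True, confirming, denying, unreachable, "quorum reached")


def attack(n: int, hijacked: int, silenced: int, quorum: int,
           token: str = "T") -> Verdict:
    """Model an attacker who controls the route to `hijacked` of the `n`
    vantage points (those see the forged token) and can only make `silenced`
    further ones time out. The remaining honest perspectives reach the real
    zone, which carries no token for this challenge."""
    assert hijacked + silenced <= n
    views = [Lookup("vp%d" % i, [token]) for i in range(hijacked)]
    views += [Lookup("vp%d" % i, None)
              for i in range(hijacked, hijacked + silenced)]
    views += [Lookup("vp%d" % i, [])
              for i in range(hijacked + silenced, n)]
    return evaluate(token, views, quorum)


if __name__ == "__main__":
    # Hijacking 3 of 4 paths is not enough while the 4th perspective answers.
    print(attack(4, hijacked=3, silenced=0, quorum=3).reason)
    # Hijacking 3 and merely knocking the 4th offline is enough: the race.
    print(attack(4, hijacked=3, silenced=1, quorum=3).reason)
```

The point the model makes explicit: with the veto rule, the attacker must spoof every perspective that manages to get an answer, so a partial hijack is caught. What collapses that back to "hijack just `quorum` paths" is the honest perspectives failing to answer at all, which is exactly where the race conditions live: a CA that retries or ignores timeouts too generously hands the attacker the number it needs.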