Hi, this is not only an Problem with dynamic IP.
This problem is also with Servers that allow per user FQDN’s.
Or even more worse in the case of allowing verification via non default port.
Since each user on an Host can open high ports, it is possible to open an port >1024 and then get certificates for any domain under this ip.