Folks here will probably be interested in this paper recently presented at HotPETS: Using BGP to Acquire Bogus TLS Certificates . Essentially, BGP hijacking can be used to fool most domain validation processes, allowing an attacker to issue a certificate for a domain they don’t control, using nearly …

Using BGP to Acquire Bogus TLS Certificates

cpu August 25, 2017, 6:03pm 10

As an update, we just announced the deployment of this feature to the staging environment.

Topic		Replies	Views
Attack on domain verification with BGP hijacking Issuance Tech	12	9113	August 19, 2017
Is it safe to use HTTP in domain validation? Client dev	23	4804	December 15, 2016
Extended checks if domain already has a EV certificate Issuance Policy	17	5356	May 20, 2017
Specify source country for http-01 challenge Feature Requests	14	3047	May 16, 2024
Alternative for allowing letsencrypt file auth connections for a geo-restricted server Feature Requests	41	250	December 17, 2024