alt Hacker News"Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is.
"Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is.
But it also applies to every other part of the stack, including WebPKI. Would you accept this as a valid argument against using HTTPS everywhere?