Hacker News

cyberax, today at 12:04 AM (2 replies)

The vast majority of Let's Encrypt installations don't use CAA records or anything in DNS. Or they host the DNS along with the HTTPS servers.

So if the router between the web server and the Internet is compromised, it can just get trusted certs for all the HTTPS traffic going through it, enabling transparent MITM to inject its payload.
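
The CAA mitigation mentioned above, as an added example that is not part of this thread: a small evaluator of CAA records (RFC 8659) with the `validationmethods` parameter (RFC 8657), run against a constructed zone. It shows that a CA honoring `validationmethods=dns-01` would refuse an HTTP-01 order, which is what an on-path attacker between the web server and the Internet could otherwise satisfy. The `ZONE` dict and the CA names are constructed; a real check fetches CAA from a resolver instead.

```python
"""Decide whether a CA may issue for a name under CAA (RFC 8659) plus the
validationmethods parameter (RFC 8657), evaluated against a constructed zone."""

# Constructed sample zone: name -> list of CAA records as (flags, tag, value).
# A name absent from the dict (or mapped to []) publishes no CAA of its own.
ZONE = {
    "example.org": [(0, "issue", "letsencrypt.org; validationmethods=dns-01"),
                    (0, "issuewild", ";")],          # ';' alone = nobody may issue
    "legacy.example.org": [(0, "issue", "letsencrypt.org")],   # any method allowed
    "strict.example.org": [(128, "futureprop", "x")],          # unknown critical tag
}
KNOWN_TAGS = ("issue", "issuewild", "iodef")

def relevant_rrset(zone, fqdn):
    """RFC 8659 s3: walk from the name toward the root; first non-empty set wins."""
    labels = fqdn.rstrip(".").split(".")
    for i in range(len(labels)):
        rrs = zone.get(".".join(labels[i:]), [])
        if rrs:
            return rrs
    return []

def parse_value(value):
    """'ca-domain; k=v; k=v' -> (ca_domain, {k: v}); a bare ';' yields ca_domain ''."""
    head, *params = [p.strip() for p in value.split(";")]
    return head, dict(p.split("=", 1) for p in params if "=" in p)

def caa_permits(zone, fqdn, ca_domain, method, wildcard=False):
    """True if ca_domain may issue for fqdn using the given ACME method."""
    rrs = relevant_rrset(zone, fqdn)
    # A critical (flag 128) property the CA does not understand forbids issuance.
    if any(flags & 128 and tag not in KNOWN_TAGS for flags, tag, _ in rrs):
        return False
    tag = "issue"
    if wildcard and any(t == "issuewild" for _, t, _ in rrs):
        tag = "issuewild"                      # issuewild overrides issue for *.name
    relevant = [v for _, t, v in rrs if t == tag]
    if not relevant:
        return True                            # no issue property: unrestricted
    for value in relevant:
        ca, params = parse_value(value)
        if ca != ca_domain:
            continue
        allowed = params.get("validationmethods")
        if allowed is None or method in allowed.split(","):
            return True
    return False
```

Without `validationmethods`, as at `legacy.example.org`, CAA only names the CA and does nothing against an attacker who can answer that CA's HTTP-01 challenge from the network path.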


Replies

gzread, today at 1:11 AM

This happened: https://notes.valdikss.org.ru/jabber.ru-mitm/

tptacek, today at 12:21 AM

"The web server"? Which web server? Are the HTTP flows with executable content going to the web server or coming from it? I'm sorry, you haven't really cleared this up.
