Are you sure that all "old school" CAs wouldn't issue a cert for that?
They were never supposed to fight phishing. Domain Validation certificates literally validate… domains, and nothing more.
It would make more sense to prevent googIe.com from existing at the .com registry level, before any TLS is involved.
Are you sure that all "old school" CAs wouldn't issue a cert for that?
They were never supposed to fight phishing. Domain Validation certificates literally validate… domains, and nothing more.
It would make more sense to prevent googIe.com from existing at the .com registry level, before any TLS is involved.