Let’s Encrypt Launches Multi-perspective Domain Validation – Response From Industry Expert

Let’s Encrypt has launched multi-perspective domain validation, a new feature that aims to bolster network security by limiting the ability of cybercriminals to trick Certificate Authorities into mis-issuing certificates.

Experts Comments

February 25, 2020
Kevin Bocek
VP Security Strategy & Threat Intelligence
Venafi
It’s great to see Let’s Encrypt increase the level of validation they use to better demonstrate ownership and control of a domain. However, we know that tens of thousands of Let’s Encrypt certificates are used by cyber attackers every day to make their phishing attacks more credible. It’s easy for many businesses to assume that if they don’t use Let’s Encrypt certificates this isn’t their problem, but that’s not the case. Attackers can still get Let’s Encrypt certificates.....Read More
It’s great to see Let’s Encrypt increase the level of validation they use to better demonstrate ownership and control of a domain. However, we know that tens of thousands of Let’s Encrypt certificates are used by cyber attackers every day to make their phishing attacks more credible. It’s easy for many businesses to assume that if they don’t use Let’s Encrypt certificates this isn’t their problem, but that’s not the case. Attackers can still get Let’s Encrypt certificates that look like any domain in seconds. The only way organisations can protect themselves is by having complete visibility over all the TLS certificates across the entire internet.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.