Let’s Encrypt Launches Multi-perspective Domain Validation – Response From Industry Expert

By   ISBuzz Team
Writer , Information Security Buzz | Feb 25, 2020 01:41 am PST

Let’s Encrypt has launched multi-perspective domain validation, a new feature that aims to bolster network security by limiting the ability of cybercriminals to trick Certificate Authorities into mis-issuing certificates.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Kevin Bocek
Kevin Bocek , VP Security Strategy & Threat Intelligence
InfoSec Expert
February 25, 2020 9:44 am

It’s great to see Let’s Encrypt increase the level of validation they use to better demonstrate ownership and control of a domain. However, we know that tens of thousands of Let’s Encrypt certificates are used by cyber attackers every day to make their phishing attacks more credible.

It’s easy for many businesses to assume that if they don’t use Let’s Encrypt certificates this isn’t their problem, but that’s not the case. Attackers can still get Let’s Encrypt certificates that look like any domain in seconds. The only way organisations can protect themselves is by having complete visibility over all the TLS certificates across the entire internet.

Last edited 3 years ago by Kevin Bocek

Recent Posts

Would love your thoughts, please comment.x