Simple. Your users don’t care if it’s insecure. They click on fake password reset emails. You’re the bad guy here. They still haven’t forgiven you for requiring them to enter numbers when they want to log in.
Simple. Your users don’t care if it’s insecure. They click on fake password reset emails. You’re the bad guy here. They still haven’t forgiven you for requiring them to enter numbers when they want to log in.
As soon as everyone signs their zones with DNNSEC, we can implement DANE to use self-signed certificates safely, and all our problems will go away, world peace will be achieved, and food will taste better.