[spec] Certificate trust

[colecmac at protonmail.com]

> 2) If 1 is invalid, let's (introduce something new here) check if
> DNS doesn't have a TXT field with the certificate fingerprint and
> see if it matches the current one, accept if OK

Unless your computer is using DoH or DoT (or DNSSEC?? Not sure) then your DNS
lookup isn't secure either. If your adversary can sit in between your traffic
and change a capsule's TLS certificate than I don't see why DNS would be very
different. Seems like this just adds complexity but without benefit.

makeworld