28Nis
If a mobile app pins the Root Authority Certificate of a server and verifies its hostname, is it possible an attack via DNS-poisoning?
I have some questions about certificate pinning. Supposing that a mobile application has pinned only the root CA, it should be possible to an attacker to redirect in some way the victim to a malicious website with the same Root CA. Am I wrong? What happens, instead, if an app pins the Root CA but verifies the hostname of the server which the app is connecting to? If the attacker owns a website under the same Root CA, can he poison DNS-cache and let the app connect to his website or there are security mechanisms which prevent such behaviour? Thanks in advance!
