[liberationtech] Question EFF CA Let's Encrypt

[Richard Brooks]

Just looked at this:

https://letsencrypt.org/howitworks/technology/

The EFF's new CA to make things cheap and easy for
installing certs. I like the goal.

What I do not get from the description is how they
really verify that I legitimately own the site. If
I should manage to reroute some traffic and do
DNS cache poisoning on a web-site address, wouldn't
the system accept my web-site as valid? It seems like
they are accepting the fact that you can reach the
site using DNS information (which is not secured)
as proof of legitimacy.

Or is there something I am missing?