Indeed, your comment illustrates the importance of proactively strengthening the domain validation protocol used for issuing digital certificates.

Our work with Let's Encrypt demonstrated the feasibility of validating domains from multiple vantage points on the Internet: https://www.usenix.org/conference/usenixsecurity21/presentat...

We hope and advocate for universal adoption of this approach via the CA/Browser forum (since the internet is only as strong as its weakest link).