TR-S-1 — DNS hijacking returns attacker-controlled trust list URL
Component: Trust Evaluation. Mitigations: SafeHTTPClient DNS rebinding protection; HTTPS required. Action: None required.
| Property | Value |
|---|---|
| Section | Spoofing |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-TRANS-04 | SSRF-Protected HTTP Client |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md