- Rewrite the TLS authenticator to ignore DNS/IP verification - Still as secure as previous implementation