Background: I am using a free DDNS provider that lets you set up subdomains on other (willing) people's TLDs. I got a Let's Encrypt cert on my site and force HTTPS everywhere.

Am I wrong in thinking this makes my traffic immune from a man-in-the-middle attack by the owner of the TLD?
The domain owner is in more or less the same position with HTTP and HTTPS: normally they don't see any of your traffic, but since they control the domain they can change its DNS entries to wherever they want. CAs will happily take their control of DNS or the target location as proof that they own the domain (which is true) and give them a certificate, allowing MITM that's not obviously visible to the visitor but leaves discoverable traces.
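
One way to watch for the "discoverable traces" mentioned in the answer above, assuming they are Certificate Transparency log entries (an added example, not part of the original thread): it flags logged certificates that are valid for your subdomain but were not issued to you, including a wildcard on the parent domain. The host `me.freeddns.example`, the serials and the issuers are constructed, and the record shape follows the field names of crt.sh JSON output.

```python
import json

# Constructed sample shaped like crt.sh JSON output; hosts, serials and issuers are made up.
SAMPLE_CT_JSON = """[
  {"id": 1, "issuer_name": "CN=Constructed CA A", "serial_number": "03aa",
   "name_value": "me.freeddns.example"},
  {"id": 2, "issuer_name": "CN=Constructed CA B", "serial_number": "7f10",
   "name_value": "me.freeddns.example"},
  {"id": 3, "issuer_name": "CN=Constructed CA B", "serial_number": "51c2",
   "name_value": "*.freeddns.example\\nfreeddns.example"},
  {"id": 4, "issuer_name": "CN=Constructed CA A", "serial_number": "09bb",
   "name_value": "other.freeddns.example"}
]"""


def covers(san, host):
    """True if a certificate name (exact or wildcard) is valid for host."""
    san, host = san.lower().rstrip("."), host.lower().rstrip(".")
    if san.startswith("*."):
        # A wildcard matches exactly one left-most label, so *.freeddns.example
        # covers me.freeddns.example but not a.me.freeddns.example.
        return "." in host and host.split(".", 1)[1] == san[2:]
    return san == host


def unexpected_certs(ct_json, host, my_serials):
    """Return (id, matching name, issuer) for logged certs valid for host
    whose serial number is not one we requested ourselves."""
    known = {s.lower().lstrip("0") for s in my_serials}
    findings = []
    for entry in json.loads(ct_json):
        # name_value holds one certificate name per line.
        matched = [n for n in entry["name_value"].split("\n") if covers(n, host)]
        serial = entry["serial_number"].lower().lstrip("0")
        if matched and serial not in known:
            findings.append((entry["id"], matched[0], entry["issuer_name"]))
    return findings


if __name__ == "__main__":
    # "03aa" stands for the serial of the certificate we obtained ourselves.
    for finding in unexpected_certs(SAMPLE_CT_JSON, "me.freeddns.example", {"03aa"}):
        print("unexpected certificate:", finding)
```

A wildcard hit on the parent domain may simply be the domain owner's own certificate; the point is that it would also be accepted for the subdomain.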