zlacker

[return to "So this guy is now S3. All of S3"]
1. efitz+Il[view] [source] 2023-05-04 20:36:57
>>aendru+(OP)
If you want to prove domain ownership, you have to do it at the domain level.

The ability to serve a file “www.example.com” in no way demonstrates ownership of “example.com”; it demonstrates that you control www.example.com.

If you want to prove ownership of a second level domain you must do it through a record in DNS, or through demonstrating control of something that is publicly known to control the domain such as the administrative contact emails.

This really is a solved problem in the PKI space; they should have borrowed that rather than invent their own.

◧◩
2. stevek+5n[view] [source] 2023-05-04 20:44:15
>>efitz+Il
As said multiple times in this thread, the primary way of identifying yourself in this protocol is a TXT record in DNS.
◧◩◪
3. gkbrk+df1[view] [source] 2023-05-05 04:15:12
>>stevek+5n
The "primary" way doesn't really matter if a user checks their app and sees that it was verified.

Unless the UI makes it clear it was verified with "non-primary" methods so users can be cautious, any method of verification is essentially "primary" from the user POV.

[go to top]