zlacker

[parent] [thread] 2 comments
1. mtae+(OP)[view] [source] 2023-05-04 20:31:09
okay so clearly you don't know what you're talking about because they do use existing standards/DNS as the primary way to validate domain ownership. It's free to not say anything and read the comments first before going off about something!
replies(2): >>i_am_j+05 >>accoun+kl1
2. i_am_j+05[view] [source] 2023-05-04 20:57:00
>>mtae+(OP)
>okay so clearly you don't know what you're talking about because they do use existing standards/DNS as the primary way to validate domain ownership.

I'm not going to speak for the commenter you're replying to, but I don't think anyone here is talking about the standards-compliant, DNS-based domain verification system. I think we're all talking about the non-standards-compliant, /xrpc/-path verification.

3. accoun+kl1[view] [source] 2023-05-05 08:51:42
>>mtae+(OP)
With any kind of authentication when you have an insecure method it does not mather whether you also have a more secure method - your authentication is only as good as the weakest alternative.
[go to top]