Oddbean new post about | logout
Binsk :audhd: :firefish: :donor: | 1 years ago (raw) | root | parent | reply | flag 
 @3e3ce96c maybe. it also keeps someone from being beholden to a single registrar or gatekeeping under a single subdomain under Okta where DoS attacks take out everybody. They’re tilted toward fault tolerance but at the expense of assurance and trust.
Ian Campbell | 1 years ago (raw) | root | parent | reply | flag 
 @6b24927c When it's either got a typo homograph (like the CGS one) or has an MX record not pointing to the primary domain (like the riot games one) it raises my suspicion much, much higher.
Binsk :audhd: :firefish: :donor: | 1 years ago (raw) | root | parent | reply | flag 
 @3e3ce96c looks like I misread your post. Yes, you’re totally right. I mistook the point to be about subdomains generally, not typosquatting ones. A verifiable TXT record back to Okta might help a bunch, but it’d only be compensating for the weakness in the overall system which you’re rightly highlighting. What a mess.
Ian Campbell | 1 years ago (raw) | root | parent | reply | flag 
 @6b24927c Always appreciate the second set of eyes - you're not wrong about not keeping all eggs in one basket.