> On Feb 26, 2019, at 1:25 PM, Nico Cartron <nico...@ncartron.org> wrote: > > > >> On 26 Feb 2019, at 21:58, Bill Woodcock <wo...@pch.net> wrote: >> >> >> >>> On Feb 26, 2019, at 8:12 AM, John Levine <jo...@iecc.com> wrote: >>> >>> In article >>> <CAD6AjGTBNZ8wTv6Y1KgTvNaW6Zi87RLprQK2Lg=d0evK8ot7=g...@mail.gmail.com> you >>> write: >>>> Swapping the DNS cabal for the CA cabal is not an improvement. Right? They >>>> are really the same arbitraging rent-seekers, just different layers. >>> >>> The models are different. If I want to compromise your DNS I need to >>> attack your specific registrar. If I want a bogus cert, any of the >>> thousand CAs in my browser will do. >> >> Exactly. And if you’re an organization that has money and pays attention to >> DNS and security, you can get yourself a TLD, and be your own registry, at >> which point you only need to worry about the security of the root zone. > > Interesting. > Never thought of new TLD from this angle :)
That’s the main reason for having a brand TLD at this point, from my point of view. It’s the reason I’d get one in a heartbeat, if I could afford the fees. -Bill
signature.asc
Description: Message signed with OpenPGP