|
|
|
|
|
|
by floatingatoll
2126 days ago
|
|
|
Incorrect. Requiring HTTPS would absolutely protect against hijacking of top-level domains that aren't registered, as no SSL/TLS issuer that's trusted by browsers will issue certificates covering those domains. A first step towards that eventual outcome would be to default to https:// for anything typed by a user that doesn't start explicitly with http:// so that they are protected from NXDOMAINs in that regard. I hope that the various browsers implement at least that first step. |
|
|