|
|
|
|
|
|
by mlyle
1652 days ago
|
|
|
Generally a dot is used as a barrier for these, because otherwise you need to have an infinite (and changing) list where users are allowed to register subdomains. .ac.uk vs. .com, etc. Not to mention that there are some of these domains where the policy is changing and there's both delegates and toplevel domains. If you don't trust across separator boundaries you're mostly safe. That is, mytxt.foo.com shouldn't be blindly trusted for my.subdomain.foo.com nor mytxt.subdomain.foo.com shouldn't be trusted for foo.com. IMO the biggest concern is with organizations that blacklist domains for various reasons, because they are not eager to just build very fine-grained blacklists. |
|
|