The wildcard fix is annoying when you have everything on SSL but don't want to handle a wildcard cert[1]. When someone typos https://foo.example.com I'd like the UX to be a browser's "could not connect to server" error, not "this site is untrusted, run away as fast as you can".
--
[1] IMO, the use of wildcard certs is a dangerous practice[2] made obsolete by SNI.
[2] If the cert gets stolen from one server, the thief can impersonate any server on that domain.
Given that no means currently exists to safely hand out a certificate for example.org that can in turn sign separate certificates for arbitrary foo.example.org subdomains, some sites still need wildcards. If you hand customers their own subdomain, and you automatically mint new customer subdomains when new customers sign up, you can't get a separate CA certificate for each one even if SNI does work; you really do need a wildcard for that.
yes, you can enter a wildcard record yourself, and that will override the name.com wildcard. Is it irritating that they do that? Sure. Should they be doing? probably not. But it does have a pretty simple fix.
Personally, I use a third-party dns service. Seen too many registrars play with DNS. Don't know why anyone would trust them.
I don't know about you, but i give everyone the benefit of doubt and unless someone violates this trust, i'd think most people do too.
Also, at least i tend to think of registrars as some kind of neutral entity that i, indeed, can trust - guess there are some exceptions to the rule.
How many years and years of abuse has it taken for people to notice what GoD*ddy has been doing all that time and finally cause some sort of mass-defect to other registrars..
Hopefully, the level of tolerance for this behavior is of an all-time low so registrars simply can't afford to abuse the trust of their customers any longer.
"I don't know about you, but i give everyone the benefit of doubt and unless someone violates this trust, i'd think most people do too."
True.. and I used to trust registrars to manage my DNS.. but over the years, this is at least the 3rd or 4th time this has happened with a registrar I am on (yes, I have domains at name.com).
Since I don't have time to interrogate every registrars DNS server when I sign up, I just assume it's useless these days. + I end up having to pay for a DNS service anyway, to avoid the bad registrars DNS.. so it's easier to use a single DNS service for all of the domains.
This is what happened. For example, I previously gave Name.com the benefit of the doubt and sent them an email asking them to fix the issue. They did not, so now I mention this every time I see their service mentioned. They are scum just like GoDaddy but on a lower scale.
--
[1] IMO, the use of wildcard certs is a dangerous practice[2] made obsolete by SNI.
[2] If the cert gets stolen from one server, the thief can impersonate any server on that domain.