Email or username:

Password:

Forgot your password?
Top-level
Brad

@carter @jonty Does DNS TXT have the same problem? If you can register a subdomain _atproto.example.com and create a TXT record for it, could you impersonate the parent domain example.com?

3 comments
Carter

@bk1e sure, but if you have write access to the authoritative DNS records, you already have the keys to the kingdom. Whereas you can convince a hosting provider to serve a file at a given path pretty easily, it’s part of the product.

Brad

@carter Dynamic DNS providers allow customers to register hosts on their domains, and some might support TXT records. However, registering a host named _atproto is probably not allowed because the leading underscore makes it an invalid hostname.

Carter

@bk1e not sure why TXT would be supported, but yeah I’m sure some impl out there allows it + doesn’t have that validation in place. Good stuff 😛

Go Up