Gregory's Server@Faket @siegi @fediversereport
My point makes reference to this quote from the second post on this thread:
"Following this pattern (social. subdomains) makes it immediately clear to people they are communicating with an official government account."
This is false. Establishing a convention may be a cool idea, but it adds nothing to security or "making anything clear". Subdomains mean nothing in terms of validation of legitimacy.
Root domains and certificates, on the other hand, mean everything.
@inventor @siegi @fediversereport Are you suggesting that it's not better to have a [social|mastodon|toot|whatever].admin.ch than any other random root domain?