> Companies register all kinds of crazy domains and redirect you through them all the time
That's the real problem with domain trust these days. Companies go out of their way to make sure you know to only visit official links, and then do stupid stuff like buying vanity domains for one-time deals, or make you click through mailchimp tracking URLs because marketing tracking is more important than your customers falling for phishing. Those vanity domains then end up expiring, and now emails and web links that used to go to an official $brand server are all ready to be swooped up by scammers. Customers never stood a chance.
This isn't a TLD problem. It's a shitty company problem.
I wholeheartedly agree. Subdomains exist for a reason. Vanity domains are so incredibly sloppy and unserious.
Another issue is that they can make password management more of a chore. Every time I need to look up my Microsoft login, I have to remember to actually look up “live.com”. Except sometimes the login page is served from “microsoft.com”. Oops, you forgot your password and reset it; now your password for the other domain is out of date. Utterly ridiculous behavior from a company of their stature.
This made me think I'd somehow not saved my MS password because it wouldn't show up if you searched "microsoft". I know you can combine them like the other comment mentioned but what an awful default experience.
What I meant was that you can not put any trust in the contents of DNS labels, they should be handled as opaque blob-like identifiers. The only meaningful thing you can do with domain name is to compare it's labels to some reference.
So no, I don't trust that I'm on HN because of I put any trust in the domain "news.ycombinator.com" signifying anything. I only trust that I'm on same HN that I was on yesterday because the domain matches exactly the reference value. But the domain name could be anything, as long as it is stable.
Maybe it would be better to say "there is no inherent trust on domains". I trust HN today because I was on HN yesterday, and the day before, and last year, and 10 years ago, etc., and it's always been trustworthy (so far as I know).
But if I saw a link tomorrow for hackernews.shop and I went there, I'd be very suspicious.
That's the real problem with domain trust these days. Companies go out of their way to make sure you know to only visit official links, and then do stupid stuff like buying vanity domains for one-time deals, or make you click through mailchimp tracking URLs because marketing tracking is more important than your customers falling for phishing. Those vanity domains then end up expiring, and now emails and web links that used to go to an official $brand server are all ready to be swooped up by scammers. Customers never stood a chance.
This isn't a TLD problem. It's a shitty company problem.