On 05/03/15 07:40, Anne van Kesteren wrote: > This would require everything that's like github.io to register as a > public suffix.
github.io already is a public suffix :-) If some private entity is handing out subdomains to mutually-untrusting 3rd parties, there are a number of reasons they should be in the PSL. If they aren't, they'll have bigger problems than one site not being able to use localstorage because another one has sucked it all up. > And if someone actually wants to attack users I doubt > the budget would only allow for a single domain. This is why I'm not > really convinced this eTLD coupling is really of help. Doesn't it also prevent accidental as well as deliberate problems? If there was no eTLD coupling, one site that was doing something they thought was perfectly reasonable could nevertheless exhaust the available resources for everyone on a resource-constrained device. Gerv _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform