On 05/03/15 07:40, Anne van Kesteren wrote:
> This would require everything that's like github.io to register as a
> public suffix. 

github.io already is a public suffix :-) If some private entity is
handing out subdomains to mutually-untrusting 3rd parties, there are a
number of reasons they should be in the PSL. If they aren't, they'll
have bigger problems than one site not being able to use localstorage
because another one has sucked it all up.

> And if someone actually wants to attack users I doubt
> the budget would only allow for a single domain. This is why I'm not
> really convinced this eTLD coupling is really of help.

Doesn't it also prevent accidental as well as deliberate problems? If
there was no eTLD coupling, one site that was doing something they
thought was perfectly reasonable could nevertheless exhaust the
available resources for everyone on a resource-constrained device.

Gerv

_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform

Reply via email to