I do think it is important to have autonomous discoverability with domain-anchored trust, whether through .well-known or DNS records or DNS over HTTP. It looks like Cloudflare has already added a bunch of observability into their products around this area, and I am investigating too [1]. It seems like the number of services needing these and the amount needed per org should both go up with more agentic use cases.
I believe auth.md is also a recent example that uses .well-known.
No, in fact I don't. But this post wouldn't be of any help anyway. It feels like it's about nothing, there is no substance, just stating some obvious facts. Without examples that lead to some real recommendations, this whole expertise claimed by the author is of no use.
Does a change-password registry actually get used, even by bots? I don't see bots checking for a .well-known/change-password url on my sites. It seems a good place to put public configs, just to have a place for them, but not as a means of discovery.
Why are they so specific?
Why password-reset instead of a more generic link tree?
Why Discord domain verification instead of domain-verifications with a dynamic list of entries?
Seems like a waste of time. I would just define my own spec outside of well known for my use case.
"This Web site requires a more modern browser to operate securely; please upgrade your browser."
Alternative, no SNI required
https://web.archive.org/web/20260619061625if_/https://mnot.n...
The consideration about having more than one of them on a domain seems like something that's often overlooked.
.well-known started tidy and quietly became the junk drawer of the web root. security.txt, ACME, app-site-association, and counting.
Title says URI but the post is only about URLs, a type of URI.
One disappointment you can't help but feel, having worked in technology a while, is about how people solve the same problems over and over in redundant and subtly incompatible ways.
How do you associate metadata with a public name? An SRV record! No, a TXT record! No, a meta tag! No, data attributes! No, an X.509 attribute! No, a random file at top level! No, a well known file under some schema! No, ...
It goes on forever. We're left with a mishmash of mechanisms and lowest common denominator support for them all.
It would be nice if we picked an extension mechanism and maximally enhanced it rather than having everyone invent his own.
I wish we had one for navigation layout of a site so browser chrome could render that in a consistent way. It would also be a boon for a11y.
I'm not sure I like `https://domain.com/.well-known/robots.txt` any better frankly
I wish people would follow this, instead of coming up with new standards in the root namespace. "llms.txt" [1] comes to mind, for example.
Let's stop polluting the root of a domain!
[1] https://llmstxt.org/