logoalt Hacker News

arcfourtoday at 7:47 AM5 repliesview on HN

> Why discord domain verification instead of domain-verifications with a dynamic list on entries?

The TXT record itself is already a dynamic list of entries. It's far simpler and easier to iterate through the list and compare the start of each value with your search string until you find "discord domain verification" directly than it would be to do anything else.

Example:

    ;; ANSWER SECTION:
    ycombinator.com.        300     IN      TXT     "openai-domain-verification=dv-QbhxxK0G0JK0dnyZ4YTsNAfw"
    ycombinator.com.        300     IN      TXT     "v=spf1 include:_spf.google.com include:mailgun.org a:rsweb1-36.investorflow.com include:_spf.createsend.com include:servers.mcsv.net -all"
    ycombinator.com.        300     IN      TXT     "MS=ms37374900"
    ycombinator.com.        300     IN      TXT     "anthropic-domain-verification-0qe2ww=yK576oHdDgyTcXgkPfj1KXgGt"
    ycombinator.com.        300     IN      TXT     "ZOOM_verify_2ndw8KZxSRa8PT8NmdyXvw"
    ycombinator.com.        300     IN      TXT     "google-site-verification=KsI69Y_jEVkp4eXqSQ9R9gwxjIpZznvuvrus6UolB9Y"
    ycombinator.com.        300     IN      TXT     "ca3-4861b957e83847c188e45d04ec314ee3"
    ycombinator.com.        300     IN      TXT     "apple-domain-verification=WG0sP5Alm7N6h1Te"
    ycombinator.com.        300     IN      TXT     "dropbox-domain-verification=asc63coma4mv"
    ycombinator.com.        300     IN      TXT     "google-site-verification=GJKdQskycEclAGPua3yXB9m_nVhxbrsVps_y-t9SXV0"
    ycombinator.com.        300     IN      TXT     "Wayback verify for support request 741082"
    ycombinator.com.        300     IN      TXT     "google-site-verification=rivq8jKu6AADGtbbEzJhmOpcqq08B7QxIzXxYV8DtyU"
    ycombinator.com.        300     IN      TXT     "rippling-domain-verification=a660f7a4ab77a3de"

Replies

teddyhtoday at 11:20 AM

Having all those TXT records at the domain apex like that makes the TXT query reply huge, which affects, for instance, every mail recipient who merely wants to check the SPF record. This is a bad pattern to follow.

show 2 replies
sandblasttoday at 8:06 AM

"Domain-verifications" is an invitation for everyone else that might need it to use the same standard and convention. "Discord-domain-verification" is not, it's what feels like polluting the global namespace with the company name that might cease to exist in a few years.

At the very least, it should be "domain-verification-discord", "-google" and so on. Maybe even "-com.discord", "-com.google"? And the first part clearly standardized and registered, instead of one entity using "domain" and another one "site".

show 1 reply
bombcartoday at 11:11 AM

Domain verifications leak information that they shouldn't - it should be "random key.domain.com in TXT randomkey"

quotemstrtoday at 5:01 PM

Literally the inner platform effect. We have multiple kinds of DNS record. Let's use them instead of creating a key value store inside a key value store.