After all, don’t many platforms (or heck, browsers) render .zip URLs nonfunctional due to security concerns? Meaning our community.lemmy.zip links may not automatically hyperlink when we want them to, or it may trigger security risk popups. Whoops. Feel free to correct me.

  • DemigodrickMA
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    So, there is a mixed bag of thought on this that I read up on before creating the domain, but tl;dr - .zip is a valid TLD and will be recognised by all browsers etc as such. There are lots of new TLDs being created and they’ll be in the same boat.

    .zip domains also come with higher levels of mandatory security and require an SSL certificate to display a webpage, which is another layer of security.

    On the flip side, yes someone will probably try to fake a zip file with it and send the link around, but (and people are free to disagree with me here!) this is basic Internet security and you shouldn’t be clicking links to places you weren’t expecting.

    Federation won’t be affected by anything and we’d need to be manually defederated like normal.

    People/companies may decide to block .zip domains but that is a knee-jerk reaction. Bad actors will exist (and have existed before) and with the way TLDs are heading before long you’ll probably be able to generate anything as a TLD, after all they’re just name friendly pointers to an IP address.

    In summary, it’s not caused us any issues yet, I dont forsee it causing us any issues, but if it did, then we’ll cross that bridge when we get there!

    • DaforLynxOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I hope you’re right! Question, is the “higher levels of mandatory security” due to .zip being a newer domain or due to it coinciding with a widely used file extension? Or both?

      • DemigodrickMA
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        Its something that is happening with a lot of newer TLDs. Theres a bit more info in the first paragraph here which relates to .app domain, but is the same thing.

        Edit: even better info here