Comment by UncleEntity

3 years ago

…which gets promptly forgotten about after it’s initial use case and years later your user database gets sold on the internet.

How many “low-impact” things have been compromised over the years, I wonder?

Unless you have anyone competent running the DNS config, or have a ticketing workflow of any kind, and I can't figure out what you think a DNS record with a onetime validation token could do if left unmanaged beyond some adversary discovery.