Richard wrote:
... the return path provides ...
This was where I ended up also. As Barry and others have discussed on the asrg, the write-side is throw-away assets. The "return path" is where the persistence of the names used is greater and the value to the scheme is realized. and Randy wrote:
all they need to do is register foo.bar with delegation to their dns servers, and change a third level domain name at will.
Yeah. But that's where registrars and registries can interpose on the scheme. The static 2LD with a twinkling constelation of 3LDs is still vulnerable. A run of twinkling 2LDs is harder for registrars and/or registries to break, cross registries and registrars. There may be fewer points of failure in the NS-set used for a particular campaign. Eric