The Trouble with Reused Phone Numbers in CIAM

(ciamweekly.substack.com)

7 points | by mooreds 10 hours ago

3 comments

  • rationalist 8 hours ago

    > Deactivation tracking is available in the USA because the FCC publishes a reassigned number database

    TIL

    https://www.fcc.gov/reassigned-numbers-database

  • bell-cot 10 hours ago

    > an account-takeover problem email doesn't have, for a couple of reasons.

    > For email, the namespace is large.

    > As far as I know personal email providers don’t reuse identifiers.

    Email providers vary, their policies can change, and "don't reuse" may only mean "...for a year or few".

    Or - if the email address is "@MyDomain.com", you have issues with an expired domain name being picked up by less-than-saintly new owners.

    • mooreds 9 hours ago

      That's a good point. The behavior varies wildly based on the domain provider, and the behavior when you let a domain expire is similar to what happens when a phone number is deactivated, but with a possibly bigger blast radius.