[Pre-RFC] DNS domains as package namespaces

> I really don't think we should or want to extend that into a dependency system, where a domain expiry could easily lead to RCE on a dev machine unless cases like these are really solved. The original proposal would not enable this -- permission to upload new versions of existing crates is controlled by crates.io package ownership, not domain registration. Further, if people would be OK with it, the follow-up comment of tracking domain ownership in crates.io too would mean that gaining control of a pre-existing namespace wouldn't allow publishing new crates. I don't see how the risk you describe exists given those safeguards.