Damn! Using .af for a LGBT+ site is insane! The country could have redirected the domain to their own servers and started learning the personal details of those on the site who I imagine wouldn’t be terribly thrilled having an anti-LGBT+ government learn their personal information (namely information not displayed publicly). Specifically, they could put their own servers in front of the domain so they can decrypt it, then forward the traffic on to the legitimate servers, allowing them to get login information and any other data which the user sends or receives.
Damn! Using .af for a LGBT+ site is insane! The country could have redirected the domain to their own servers and started learning the personal details of those on the site who I imagine wouldn’t be terribly thrilled having an anti-LGBT+ government learn their personal information (namely information not displayed publicly). Specifically, they could put their own servers in front of the domain so they can decrypt it, then forward the traffic on to the legitimate servers, allowing them to get login information and any other data which the user sends or receives.
Would they care enough to do all of this, though?
The Taliban could have done that if the site weren’t secured with TLS, anyway.