you should review the announcement as all these questions have been discussed and answered in detail
in short DNS validation is the only way to prove that you control domain. HTTP/TLS validation doesn't work for example if you have another party looking after a server for you (one of let's say 1000)
Andrei