I just discovered that there is DNS verification, and I was quiet enthusiastic about it because I thought it would be a lot easier to use for me. But then I noted that (other than I expected) you need to set the TXT record to a different value every time you verify. So I am wondering, why is that?
Why isn’t it designed such that you just set the txt record to the public key of the account responsible for this domain, for example? (Or the account ID, or whatever)
I’m sure there is a good reason for it, but I’m curious what it is. Are there security issues? Or are there practical/usability concerns?