Love the article and agree with you but the normal persons take is exactly right - "isn't .zip a file extension and couldn't the average person think that it just leads to downloading a zip file or something like that? Aren't zip files kinda weird?"

However I would read luke's articles anytime, no matter the tld.

> you try to tell your friend “hey I sent weddingpictures.zip to your email” and your friend clicks the resulting link, thereby being redirected to a trick site that steals your SSN.

Information theft seems possible, SSN less so, but I was more concerned about downloads.

Clicking on an auto-linkified weddingpictures.zip could autodownload a zip file containing malware. You may trust your friend but the zip file is not from them.

I think the lack of auto-linkification has a lot to due with why we aren't seeing real phishing attacks using the ZIP TLD. So I feel like we warned, the industry reacted by not autolinkifying, and disaster was averted.

Luke defends all the problems with .zip but doesn't present a case why .zip is good.