But ambiguity is the worst thing for a top-level domain. Unknowingly, this decision created an environment in which .su became a digital wild west. Today, it is a barely policed top-level domain, a plausibly deniable home for Russian dark ops and a place where supremacist content and cyber-crime have found cover.
So much drama.
“Supremacist content”, “dark ops”, “cyber-crime”.
“The free world” has recently equated itself to Hitler at least two more times, and somebody’s worried that there are places with less censorship.
Also my anecdotal experience with .su domains is better than with .ru domains.
It’s really weird that somebody wants more policing at the top level of domains? Like seriously this is giving off the “There should be no swearing allowed on the internet” vibes.
Well, if you want my version, centralized DNS and centralized PKI reliant on bureaucracy are all wrong.
Identity providers should be a thing, and under one identity provider there should be ability to fix whatever domain name one wants, the act confirmed with cryptography. The providers themselves should technically be identified only by their public keys, and those should be listed in directories similar to yellow pages, changing very rarely preferably, where a key is listed against provider’s company name, phone, whether it’s paid or not, etc. Such directories being shared should be the only thing centralized here.
Our world has a lot of ugly, inefficient and vulnerable systems.
But the worst part is that common gaslighting or madness or whatever, where people act along unnecessary inefficiencies they themselves don’t need, like sheep watched by a shepherd dog. It’s obvious that various trash in governments wants systems vulnerable and centralized. But that’s what only they need, and only a handful of technologies they’ve rebuilt after that need. I don’t understand why the rest build bad systems where they don’t have to and don’t need to, or eve prefer bad systems where they have good ones.
It’s similar to the question of why people subject to genocide often don’t fight for their lives, at least until it’s too late.
Agreed, these systems are far too important to remain as centralized and vulnerable as they are currently. It is in governments’ best interests but not our own that they remain this way. Hopefully in the future things do change, I imagine the biggest push away from centralized DNS and centralized PKI will be from the fallout of shit like this breaking stuff and losing money.
I guess by “cybercrime” they mean piracy, because that’s the main thing I’ve seen .su used for.
If that’s what they mean by cybercrime they’re bigger bootlickers than I originally thought. Like it’s one thing to not want to support piracy, it’s a whole nother thing to outright say the quiet part out loud. Which, yeah that’s what they just did if that’s what they really meant. It’s already bad enough that they supposedly want domains to be aggressively policed, I mean like I said in my other comment, serious “no swearing allowed on the internet vibes” going on from how they wrote that part…
Come to think of it, I only know two .su domains and they’re pretty great…
Anyone else potentially see a problem in which a single organization oversees all name usage and can arbitrarily decide to break a good majority of the internet over stupid shit like this? Or are we all just fine with a single American based entity being able to decide what domains are valid and not?
Those countries are free to build out their own tcp/ip networks and configure them however they like. North Korea did it, how hard can it be?
Who says they need to go that far? One can build alternate DNS systems without self-isolating, in fact they should. Air-gapping like you suggest is extra work and not necessary to implement new domain registration control and DNS root servers. Also it kind of defeats the point because it isn’t a stand against IANA it’s saying build your own internet, not take back the one we already have.
Also it kind of defeats the point because it isn’t a stand against IANA it’s saying build your own internet, not take back the one we already have.
The US created the internet and created IANA to manage it. You’re not talking about taking it back, you’re talking about taking it. If you want to control it you should build your own, like the US or North Korea did.
Yes, Anyone Else has been seeing problems since the days of Bell up through the development and privatization of ICANN and beyond. But outrage over “a TLD is no longer delegated” is stupid shit. Where should ICANN be based and how would that influence its decision making processes?
I don’t really think ICANN should be based anywhere or really have any say, or I guess even exist at all. I’m a strong believer in a decentralized DNS system not controlled or designated by a single, all powerful entity. With how important it is and how much breaks if it gets compromised either by outside forces, or by internal corruption, it makes sense that something like this shouldn’t be so centralized and vulnerable.
I think it’s more of a historical accident that nobody really finds ideal, but there is also no good alternative solution that has a critical mass assembled behind it.
It all started with Jon Postel just taking on the job of keeping track. This is an interesting topical document: https://www.rfc-editor.org/rfc/rfc2468
So it’s basically because of laziness or lack of effort that no one wants anything better, or even just different. And that means ICANN/IANA can just casually break countless internet domains and cause a decade of internet bitrot at the drop of a hat and no one will challenge them over it.
no one wants anything better
More like there is nothing better people can agree on. You might like SCION with it’s RAINS architecture, where the trust anchors are local to the isolation domains. This way you could build up name resolution where you only depend on the local ISPs that form the core of your isolation domain. In my team we are supporting SCION, in fact we are in the core of one ISD, but the uptake on the customer side is relatively low so far. There are two or three niches that are using SCION more, but not RAINS yet, as far as I know.
even just different
Just different is not really attractive, unless people feel like IANA is really messing things up, or the US is exerting undue influence over it. So far they seem to have avoided making that impression widely.
Internet journalism means you can sensationalize hypotheticals like “The IANA may fudge its own rules” and “Money talks” without having to provide a source for those claims.
And why should I be careful choosing a TLD or interpret this as a warning? The Internet isn’t breaking, it’s changing. All this does is fear monger in favor of one Pope of the Internet.
OK poof there are now 100 name servers delegating .com. Which one does your ISP default you to? [1-100]
All of them, find one that responds an answer valid for my local saved key.
The DNS server is no longer an authority on its own, just your keyring matters.
Yeah, I gave up reading at
it’s a shocking reminder that there are forces outside of the internet that still affect our digital lives.
I think .io will continue to exist as a generic tld
ICANN specifically set aside all two character TLDs to be for country specific codes. There’s only a few cases where they kept ex countries TLDs around and phased them out over several years. It would be an entirely new precedent if they did keep it. So I wouldn’t depend on it
As much as I understand that some tiny countries need every source of income they can get, I still firmly believe that regional TLDs should only get to be used by users relevant to that region. Or else they just have no meaning at all.
That was my mini rant. Thanks for attending. That is all.
