- cross-posted to:
- cybersecurity
- programming
- [email protected]
- [email protected]
- cross-posted to:
- cybersecurity
- programming
- [email protected]
- [email protected]
I doubt this will happen, but they should just reassign it to the Mauritius authority. The citizens of the islands could then potentially see some benefit from it, not Google or ICANN or whoever selflessly offers to take it over.
Normally that would have been the preferred solution, but since IANA has experienced all kinds of shenanigans on similar occasions they have decided to not allow ccTLD’s to survive their former country anymore.
Yep. And for very good reasons, as explained in the article. But knowing that domains can be a significant source of income for a small nation, it does seem a shame to both waste that resource and break tons of sites in the process. I wish there were better ways to do this that didn’t mean shutting it down or even selling it off to the highest bidder (who already has enough money).
Any sources for further reading/watching?
The article you’re commenting on, for a start…
On September 19, 1990, the IANA created and delegated the top-level domain .su to the USSR. Just six weeks later, the Berlin Wall fell
wot
the Berlin Wall fell in November of 1989, something is definitely wrong with the chronology here
It was fixed and now has this comment at the bottom:
An earlier version of this article incorrectly stated that the Berlin Wall fell in 1990, not 1989. We regret the error.
Maybe they saw your comment
This is one of the main reasons why I’ve been a boring stick in the mud and stuck to com/net/org domain names for stuff I’m that I intend to use for anything that’s going to be around for more than a short period.
Odds are they’re not going to end up vanishing due to things utterly outside the control of, well, anyone or get sold to a horrible steward of them that jacks up prices insanely or does other stupid shit.
I will admit to owning a few .us domains, but as a US-ian, if the .us TLD vanished, I’m pretty sure my domain names would be very, very, very far down the list of shit I’m actually concerned about at that moment.
If the .us TLD vanished, as in, if America ceased to be. I imagine com, net, org, and domains of the like would also be seriously affected since their maintainers as well as the organization with all control over all domains and the root servers would also be affected by such change. The internet could adapt for sure even in the worst case scenario, but with how centralized DNS is it would cause more than a few shakeups. Probably would make this incident look like a drop in the bucket.
Exactly this. Another factor in choosing TLDs is that they have different rules. Read those rules closely. Some of them make it much easier for them to take the domain names away from you, for things like copyright infringement, for example. .COM/.NET/.ORG have the strongest rules protecting your ownership, as far as I can recall. This is one of the reasons I stick to those old 3 rather than using newer gTLDs like .INFO, .BIZ, etc.
Yeah, my domains are .com or .us, the .com ones face the outside world for whatever reason and the .us I use to mean “us my family” rather than US, though I’m a citizen so I’m in the clear
If .us suddenly goes somewhere its prrrrrobably true that I am also gone in whatever caused that, too
Text below:
On October 3, the British government announced that it was giving up sovereignty over a small tropical atoll in the Indian Ocean known as the Chagos Islands. The islands would be handed over to the neighboring island country of Mauritius, about 1,100 miles off the southeastern coast of Africa.
The story did not make the tech press, but perhaps it should have. The decision to transfer the islands to their new owner will result in the loss of one of the tech and gaming industry’s preferred top-level domains: .io.
Whether it’s Github.io, gaming site itch.io, or even Google I/O (which arguably kicked off the trend in 2008), .io has been a constant presence in the tech lexicon. Its popularity is sometimes explained by how it represents the abbreviation for “input/output,” or the data received and processed by any system. What’s not often acknowledged is that it’s more than a quippy domain. It’s a country code top-level domain (ccTLD) related to a nation—meaning it involves politics far beyond the digital world.
Since 1968, the UK and U.S have operated a major military base on the Chagos Islands (officially known as the British Indian Ocean Territory) , but the neighboring nation of Mauritius has always disputed British sovereignty over them. The Mauritian government has long argued that the British illegally retained control when Mauritius gained independence. It has taken over 50 years, but that dispute has finally been resolved. In return for a 99-year lease for the military base, the islands will become part of Mauritius.
Once this treaty is signed, the British Indian Ocean Territory will cease to exist. Various international bodies will update their records. In particular, the International Standard for Organization (ISO) will remove country code “IO” from its specification. The Internet Assigned Numbers Authority (IANA), which creates and delegates top-level domains, uses this specification to determine which top-level country domains should exist. Once IO is removed, the IANA will refuse to allow any new registrations with a .io domain. It will also automatically begin the process of retiring existing ones. (There is no official count of the number of extant .io domains.)
Officially, .io—and countless websites—will disappear. At a time when domains can go for millions of dollars, it’s a shocking reminder that there are forces outside of the internet that still affect our digital lives.
When domains outlive countries
The removal of an entire country or territory from the world map is incredibly rare, so one might ask why the process for deleting a domain is so clearly documented. So automatic. So…final.
The answer is simple: history.
There are two organizations responsible for domains and internet addresses. The IANA decides what should and shouldn’t be a top-level domain, such as .com, .org, .uk, or .nz. The organization originated at the University of Southern California, although it was only formalized in 1994, when it won a contract put out by the U.S. It operated for several years as a small research and management committee. As the internet grew, it became clear that a more formal setup was required. By 1998, the IANA became part of a new organization: the Internet Corporation for Assigned Names and Numbers (ICANN). ICANN, based in the U.S., was given the broader responsibility of overseeing the operational stability of the internet and ensuring international interests were represented.
These two organizations might seem like they have mundane roles. But they have found themselves making some of the hardest decisions on the global internet.
On September 19, 1990, the IANA created and delegated the top-level domain .su to the USSR. Just six weeks later, the Berlin Wall fell, and the chain of events that would lead to the collapse of the USSR began. At the time, nobody thought about what should happen with the .su domain—the internet as we know it was still years away. So the .su domain was handed to Russia to operate alongside its own (.ru). The Russian government agreed that it would eventually be shut down, but no clear rules around its governance or when that should happen were defined.
But ambiguity is the worst thing for a top-level domain. Unknowingly, this decision created an environment in which .su became a digital wild west. Today, it is a barely policed top-level domain, a plausibly deniable home for Russian dark ops and a place where supremacist content and cyber-crime have found cover.
A few years later, in 1992, the IANA learned a similarly harsh lesson at the end of the Balkans War, which saw the breakup of Yugoslavia into several smaller states. In its aftermath, the joint nation of Serbia and Montenegro attempted to adopt the name “Federal Republic of Yugoslavia.” Slovenia and Croatia objected, claiming that it implied Serbia and Montenegro were Yugoslavia’s legitimate successors. The two countries protested to the UN.
As the international issue over Serbia and Montenegro’s name rumbled on throughout the early nineties, the IANA remained unsure about who should control .yu, Yugoslavia’s top-level domain. Email access and the internet were now integral to research and international discussions, and the IANA’s ambiguity led to an extraordinary act of academic espionage.
According to the journalist Kaloyan Kolev, Slovenian academics traveled to Serbia at the end of 1992. Their destination was the University of Belgrade in the country’s capital. On arrival, they broke into the university and stole all the hosting software and domain records for the .yu top-level domain—everything they needed to seize control. For the next two years, the .yu domain was unofficially operated by ARNES (Academic and Research Network of Slovenia), which repeatedly denied its involvement in the original heist. ARNES rejected all requests by Serbian institutions for new domains, severely limiting the country’s ability to participate in the growing internet community. The situation became so messy that, in 1994, IANA founding manager Jon Postel personally stepped in and overrode IANA regulations, forcibly transferring ownership of the .yu domain back to the University of Belgrade.
In 2006, Montenegro declared independence from Serbia. With the digital revolution now firmly underway, the IANA was determined not to let chaos reign once again. It created two new top-level domains: .rs for Serbia and .me for Montenegro. Both were issued on the requirement that .yu would officially be terminated. It would take until 2010 for this to happen, but the IANA eventually got its way. Burned by the experience, the organization laid down the new, stricter set of rules and timescales for top-level domain expiration that exist today.
It’s these rules that will soon apply to the .io domain. They are firm, and they are clear. Once the country code no longer exists, the domain must cease to exist, too, ideally within three to five years. Like a tenant being told that their landlord is selling up and they must move, every individual and company who uses a .io domain will be told the same.
The endurance of physical history
.io has become popular with startups, particularly those involved in crypto. These are businesses that often identify with one of the original principles of the internet—that cyberspace grants a form of independence to those who use it. Yet it is the long tail of real-world history that might force on them a major change.
The IANA may fudge its own rules and allow .io to continue to exist. Money talks, and there is a lot of it tied up in .io domains. However, the history of the USSR and Yugoslavia still looms large, and the IANA may feel that playing fast and loose with top-level domains will only come back to haunt it.
Whatever happens, the warning for future tech founders is clear: Be careful when picking your top-level domain. Physical history is never as separate from our digital future as we like to think.
.io could be repurposed from “Indian Ocean” to a different acronym like “International Organization.”
LOL, this very article is being hosted on the ‘.to’ country tld belonging to the Kingdom of Tonga.
Thanks to GitHub this wonderful article, that made me opt for another domain for my recent project a year ago, is now… drumroll under an .io domain too: https://tamouse.github.io/blog/politics/2019/10/02/why-is-the-io-domain-problematic.html
Irony much.
Anyone else potentially see a problem in which a single organization oversees all name usage and can arbitrarily decide to break a good majority of the internet over stupid shit like this? Or are we all just fine with a single American based entity being able to decide what domains are valid and not?
I think it’s more of a historical accident that nobody really finds ideal, but there is also no good alternative solution that has a critical mass assembled behind it.
It all started with Jon Postel just taking on the job of keeping track. This is an interesting topical document: https://www.rfc-editor.org/rfc/rfc2468
So it’s basically because of laziness or lack of effort that no one wants anything better, or even just different. And that means ICANN/IANA can just casually break countless internet domains and cause a decade of internet bitrot at the drop of a hat and no one will challenge them over it.
no one wants anything better
More like there is nothing better people can agree on. You might like SCION with it’s RAINS architecture, where the trust anchors are local to the isolation domains. This way you could build up name resolution where you only depend on the local ISPs that form the core of your isolation domain. In my team we are supporting SCION, in fact we are in the core of one ISD, but the uptake on the customer side is relatively low so far. There are two or three niches that are using SCION more, but not RAINS yet, as far as I know.
even just different
Just different is not really attractive, unless people feel like IANA is really messing things up, or the US is exerting undue influence over it. So far they seem to have avoided making that impression widely.
Those countries are free to build out their own tcp/ip networks and configure them however they like. North Korea did it, how hard can it be?
Who says they need to go that far? One can build alternate DNS systems without self-isolating, in fact they should. Air-gapping like you suggest is extra work and not necessary to implement new domain registration control and DNS root servers. Also it kind of defeats the point because it isn’t a stand against IANA it’s saying build your own internet, not take back the one we already have.
Also it kind of defeats the point because it isn’t a stand against IANA it’s saying build your own internet, not take back the one we already have.
The US created the internet and created IANA to manage it. You’re not talking about taking it back, you’re talking about taking it. If you want to control it you should build your own, like the US or North Korea did.
I disagree, you speak like the united states owns the internet. No one owns the internet. That also means no one actually has to follow IANA’s rules, why should they wall themselves off and build out their own air-gapped infrastructure just to circumvent problems imposed by IANA if IANA and the USA don’t actually “own” the internet. You can’t take the internet because no one owns the internet, get this shitty idea out of your head, internet doesn’t belong to anyone, it’s all of ours. That also means people, organizations, and countries (especially countries) are free to use alternate DNS systems with either partially or fully forked DNS Root servers.
If you want to control it you should build your own
Besides the self-hosted DNS servers for Pretendo, AltWFC, and a few GameSpy games (which I also host the servers for) I have no intention of actually doing this, but I am pointing out that no one has to, nor should they, go all out like you suggest if they wanted to do this. They do not need to build out separate internet like you suggest to control their own Domain name system.
The US did not “create” the internet. It was one of the contributors certainly, but what makes up the internet and several of its components is international work. Much of TCP is influenced by the french Cyclades, http was developed by a brit, ssh was created by a fin, ftp is the work of an indian. Arpanet certainly had a lot of influence, but claiming the US created what is the internet today is incredibly wrong.
Regardless of who created the underlying tech, the internet is the result of taking ARPAnet, a US department of defense project, public. The US absolutely created the internet. There’s nothing stopping other countries from using those techs, bypassing IANA, and creating their own networks if they don’t like the US controlling the backbone of the network they created.
Let’s pretend that the US created the internet as a whole and that it wasn’t created by a joint effort from different actors around the world. That still doesn’t mean they own the internet today like you continue to imply. And consequently means that any group, organization, or country which chooses to deploy alternate DNS Root servers (forked or fully custom) on their own DNS providers is well within the right to do that without needing to build their own internet, and simply use all the non air-gapped infrastructure they have already.
Yes, Anyone Else has been seeing problems since the days of Bell up through the development and privatization of ICANN and beyond. But outrage over “a TLD is no longer delegated” is stupid shit. Where should ICANN be based and how would that influence its decision making processes?
I don’t really think ICANN should be based anywhere or really have any say, or I guess even exist at all. I’m a strong believer in a decentralized DNS system not controlled or designated by a single, all powerful entity. With how important it is and how much breaks if it gets compromised either by outside forces, or by internal corruption, it makes sense that something like this shouldn’t be so centralized and vulnerable.
How do you get to
lemmy.world
andevery.to
in a world without a common, public namespace? Shouldlemmy.world
be registered in every country? How do SSL and trust in identity play into all this?
It’s strange to me that they wouldn’t simply reassign control of it to another… erm, what’s the word?, at least for the technology-related domains.
I was wondering the same. It’s a very popular TLD, so you’d think they would grandfather it in as a generic (non-country) TLD like .net or whatever.
Country code domains are decided by international agreement on two character abbreviations per country, and IANA needs to abide by that.
For example, can you imagine IANA caught In the middle of whether ‘.cn’ should be owned by China or Taiwan? What a disaster that would be. Their only sustainable approach is to stay out of it, and just follow what the UN says
I generally agree, but .io stands for “indian ocean”, which isn’t a country.
“Territories of the Indian Ocean” which had been internationally recognized as a political entity and is no more.
An important consideration is what if something becomes internationally recognized with that two character abbreviation? How is it IANA’s business to disagree with the world?
at least for the technology-related domains.
It’s not a technology related domain though; it’s a country’s domain that happens to be used for a lot of tech.
With the country dissolving, the domain does too, so it can become available for future countries.
Wouldn’t the country and domain dissolving mean it can be reassigned? I don’t understand why after that it would still be considered a country TLD only available for future countries.
Because 2 letter tlds are reserved to be issued to countries. Ideally the country’s 2 letter country code.
https://en.m.wikipedia.org/wiki/Country_code_top-level_domain
All ASCII ccTLD identifiers are two letters long, and all two-letter top-level domains are ccTLDs.
An important piece of history missing from this article is that back when IANA was formalized, they realized they couldn’t be the ones to arbitrate country level domains. There was already an international organization formalizing two character codes for country names, so they basically said that would be the decider.
In the same way, it’s not up to them whether to recognize a country’s existence, they rely on that international agreement and they need to abide by that
This is about .io being a country code and that country ceasing to exist, so .io will be retired. I say who the fuck cares, release the
kracken.io.The fact that an insane number of sites use it makes it a big deal. If it dies, there will be plenty of dead links
By “release the
kracken.io” I’m saying make it open for general use that is not country specific. We already have tons of domains, I see no reason why this has to be retired.deleted by creator
As in don’t retire it. JFC.
Tangentially related, but I love how http://ai is an actual website that you can visit. We’re so used to thinking of websites as
<something>.<tld>
that it’s really weird to see a website hosted directly on a top level domain with no subdomain.it does not load for me
edit: oh it does not have https, wow
This is just yet another “fuck you” to the Chagossians, for whom it could have been the next best thing to reparations if they were given control of it.
deleted by creator
But ambiguity is the worst thing for a top-level domain. Unknowingly, this decision created an environment in which .su became a digital wild west. Today, it is a barely policed top-level domain, a plausibly deniable home for Russian dark ops and a place where supremacist content and cyber-crime have found cover.
So much drama.
“Supremacist content”, “dark ops”, “cyber-crime”.
“The free world” has recently equated itself to Hitler at least two more times, and somebody’s worried that there are places with less censorship.
Also my anecdotal experience with .su domains is better than with .ru domains.
I guess by “cybercrime” they mean piracy, because that’s the main thing I’ve seen .su used for.
Well, the main thing I’ve seen it used for are old homepages and hobbyist sites with web design from year 1997.
If that’s what they mean by cybercrime they’re bigger bootlickers than I originally thought. Like it’s one thing to not want to support piracy, it’s a whole nother thing to outright say the quiet part out loud. Which, yeah that’s what they just did if that’s what they really meant. It’s already bad enough that they supposedly want domains to be aggressively policed, I mean like I said in my other comment, serious “no swearing allowed on the internet vibes” going on from how they wrote that part…
Come to think of it, I only know two .su domains and they’re pretty great…
Let me introduce you to a third one ↑
I don’t know any but I’m now of the opinion that they should be reassigned to Superman.
? edit: oh, piracy! cool :]
It’s really weird that somebody wants more policing at the top level of domains? Like seriously this is giving off the “There should be no swearing allowed on the internet” vibes.
Well, if you want my version, centralized DNS and centralized PKI reliant on bureaucracy are all wrong.
Identity providers should be a thing, and under one identity provider there should be ability to fix whatever domain name one wants, the act confirmed with cryptography. The providers themselves should technically be identified only by their public keys, and those should be listed in directories similar to yellow pages, changing very rarely preferably, where a key is listed against provider’s company name, phone, whether it’s paid or not, etc. Such directories being shared should be the only thing centralized here.
Our world has a lot of ugly, inefficient and vulnerable systems.
But the worst part is that common gaslighting or madness or whatever, where people act along unnecessary inefficiencies they themselves don’t need, like sheep watched by a shepherd dog. It’s obvious that various trash in governments wants systems vulnerable and centralized. But that’s what only they need, and only a handful of technologies they’ve rebuilt after that need. I don’t understand why the rest build bad systems where they don’t have to and don’t need to, or eve prefer bad systems where they have good ones.
It’s similar to the question of why people subject to genocide often don’t fight for their lives, at least until it’s too late.
Agreed, these systems are far too important to remain as centralized and vulnerable as they are currently. It is in governments’ best interests but not our own that they remain this way. Hopefully in the future things do change, I imagine the biggest push away from centralized DNS and centralized PKI will be from the fallout of shit like this breaking stuff and losing money.
In a way, I understand, .yu was removed years ago for instance. Here it is because .io is pretty special for geek and all
Counterpoint: .su still exists
So the .su domain was handed to Russia to operate alongside its own (.ru). The Russian government agreed that it would eventually be shut down, but no clear rules around its governance or when that should happen were defined.
But ambiguity is the worst thing for a top-level domain. Unknowingly, this decision created an environment in which .su became a digital wild west. Today, it is a barely policed top-level domain, a plausibly deniable home for Russian dark ops and a place where supremacist content and cyber-crime have found cover.
I seems IANA would like to not repeat past mistakes.
Yes but it’s unregulated and like most unregulated TLDs it has become a cesspool of malware and dark dealings. I don’t think anybody would never if that were to happen to .io.
at the same time they’re allowing any tld to who’s willing to fork $100k per year. So just sell the management of the tld
Not any, this is a 2-letter TLD
Yeah, really want musk to buy it…
As much as I understand that some tiny countries need every source of income they can get, I still firmly believe that regional TLDs should only get to be used by users relevant to that region. Or else they just have no meaning at all.
That was my mini rant. Thanks for attending. That is all.
I think .io will continue to exist as a generic tld
ICANN specifically set aside all two character TLDs to be for country specific codes. There’s only a few cases where they kept ex countries TLDs around and phased them out over several years. It would be an entirely new precedent if they did keep it. So I wouldn’t depend on it
Crypto scammers and self-hosting Jellyfin/Plex users: “Don’t touch .xyz…”