The fact that people were registering .ml domains for projects like this is mindboggling. There are many TLDs to pick from without infringing on the terms of use of a country-specific one.
My thoughts exactly. You should not be choosing TLDs that are volatile to upsets like this. Stick with the tried and true .com or .net, or one of the new TLDs that are not bound to a nation (unless you can comply with the stipulations) or particular type of organization.
.com and .net are under US jurisdiction they are not stateless. I could also see why the original lemmy developers would not want to use such a domain.
That may be technically true, but both TLDs are ubiquitous and it’s extraordinarily unlikely that the US will suddenly start confiscating millions of .com and .net domain names operated by non-Americans.
Nobody said they would confiscate millions of com or net domain names or random non-Americans. We are talking about the lemmy developers specifically.
But there is no reason to get a US registered domain as a non US citizen who is also not hosted in the USA.
I really doubt they’d do that either.
Even gTLDs aren’t entirely safe. .dev is iffy right now because only Google can give those out and Google domains is going away.
Google domains is going away
What the hell, how am I just hearing about this now?
They didn’t even tell domain holders.
Yeah I wasn’t thrilled when I heard the news. I have one maybe two domains with Google and I’m going to be shipped off to somw third party for my renewal. I haven’t checked but I’m pretty sure the domain business is being sold to one of those “build your website with us in half an hour” companies and I just cannot wait for the go-daddy like service…which I left go-daddy because of.
I think they are selling to square space and I think their website builder is pretty damn good actually, but not sure if I’d want to buy a domain from them unless it’s for a site hosted on squares space. I mean, they don’t exactly specialice on selling domains, but then again not really did google eather so we’ll see how the service will be I quess.
.dev was stupid from the beginning due to how many local domains like that…
Alright https://lemmy.zip it is!
Edit: No way someone already did it
Hello there stranger. As completely factually appointed ambassador of lemmy.zip, I’d like to extend a warm welcome to all and am glad to see you’ve discovered our existence.
Zip is the dumbest TLD of all. It is a phishers dream come true. invoice.zip explains it.
damn that theme is nice
I’d like to mention that Google Domains and Charleston Road Registry are two separate entities. One merely sold domains and the other submitted TLDs to ICANN.
Or if you absolutely have to, choose the TLD of a country you live in.
That works, too. I’m on lemmy.ca. Buying a .ca domain requires confirmation of citizenship or other qualification before you can even use it.
Back in the day, like early 90’s when they were managed by the university, they also hand reviewed each request. I had a customer with a registered company name something like “Wood Supplies Canada Inc.” and they wanted “woodsuppliescanada.ca”. They rejected it because “…canada.ca” was superfluous …
If I remember correctly it’s an honor system thing. You need to declare your a citizen or PR or something
You don’t even need to be a citizen or PR, you just need to have “a Canadian presence”, which can be as simple as owning a trademark registered in Canada
Other countries have different requirements so it’s good to always check in any case.
Agreed. I went with lemmy.ca since I’m Canadian and the instance is in my country.
I also heard Lemmy should perform a little quicker for me too this way.
No, practically speaking the domain name should have no effect on access time. DNS has so many layers of caching that as long as SOMEONE has accessed the website nearby (including you), the domain lookup will be local and therefore fast.
Anyway, DNS lookup times, even slow ones, are still not going to be noticable to the end use originally.
No, I meant the instance itself. The server. The one who runs lemmy.ca is here in Canada with me.
It’s like when playing a game; You choose servers closet to you for the lowest ping time.
The other reason I neglected to mention was I like to support local. 😎
It makes a difference for a game, but it’s not really significant for a website.
The server load and resources will have a much bigger impact on performances than geographic proximity.
And you spread that server load by selecting different servers. While what you’re saying is technically true, in a practical sense if everyone picked a more local server that would be one way to achieve what you’re saying.
Do people not remember back in the 2010s when bit.ly was the main link shortener used everywhere on the internet, and then Ghadafi, the then dictator of Libya, declared the site to be incompatible with Muslin decency norms because it was used for porn? And then all bit.ly links were just dead links?
How many times do we have to learn this lesson? Domain name hacks are fun but just not worth it. And in 2023, now we have all the new TLDs. This was a dumb decision
For anyone that wants to learn more about internet domains, the MKBHD Waveform podcast has an awesome episode about this topic. It’s a super interesting listen where they talk about how the internet works and one of the organizations behind it (ICANN).
ICANN and the 7 Keys to the Internet
Dang I hope lemm.ee is safe. Hopefully Estonia doesn’t decide the same.
Well, I’m an Estonian citizen at least 😅
I didn’t even consider .ee to be a country domain. I thought you used it for the catchy name.
That’s pretty cool.
afaik all the two-character TLDs are for countries
You are correct, all two-character TLDs are country-code.
🙏
Well, and it’s not like this should take anyone by surprise, it’s been 10 years coming. Unless Mali was telling people not to worry and then did an about face? I haven’t seen anything to indicate that.
The fact that people were registering .ml domains for projects like this is mindboggling. There are many TLDs to pick from without infringing on the terms of use of a country-specific one.
Quoted for emphasis.
This is terrible news to me, as an OCaml’eer.
There goes all my potential cool project domains … 😭
but ML also can stand for Marxist Leninist and im sure has been the the way it was read by most early adopters
The official and authorized use for the TLD is an association with Mali. It doesn’t matter what hip new meaning us internet dweebs want to assign to it.
Yes, and q-tips aren’t for cleaning your ears.
The difference being that Unilever won’t confiscate your Q-Tips for cleaning out your earwax.
Yet.
lmao, sure, the ear wax cops are gonna show up at your door to raid your garbage cans for waxy cotton swabs
Kinda funny considering they got the ml domain to mean Marxist-Leninist and then would get fucked by nationalization
They didn’t.
I was thinking the same thing lol
No, stop spreading this nonsense, it was never chosen because of that. It was used because it was free and the developers don’t care about creating funny names with the DNS or for glorified expensive DNS.
deleted by creator
Hey, that is me from the past.
Or machine learning. There’s at least one ML based project that got a headache out of this yesterday.
They needed the one that stood for “marxist-leninist” is why, in case you were unaware.
Which is pretty funny, because as far as I can tell, they’re actually Stalinists.
I don’t pretend I can make sense of them, I just know what was claimed when I showed up 2y ago. I think the stalinists are mostly the ones that broke off to form lemmygrad iirc, as lemmy.ml was supposed to be a marxist-leninist deal, and it was one until the reddit exodus.
Turns out it was free for a reason. 😅
I’m just pretty staunch about not paying for a domain name, they add no value whatsoever
Heh, what a tool. Nothing’s stopping him from just using ip addresses, or the reverse that whoever provides the server ip almost guaranteed have set up. But no, he wants a fancy looking one, so it HAS some value or he wouldn’t need one, and a domain require name servers, and people administrating and maintaining it. He just don’t want to pay for that part. And come on, a domain is like 15 dollars a year?
Bear in mind this was two years ago. Lemmy was small back then. I can understand someone not being able to justify the price of a domain name at that scale.
Getting a .com or .net is on the order of 20 $USD per year. Having a state attempt to claim the name is an uncommon thing (compare having a state’s domain registry be transfered to another agency or expire). Consider how long megaupload ran under a dot com name while flagrantly violating copyright laws.
The registrar that .ml uses also managed .tk and has had many allegations of hosting malicious sites ( https://en.wikipedia.org/wiki/.tk#Abuse ) and is in the process of falling apart ( https://news.ycombinator.com/item?id=34194555 ). This should have been a warning back in June when the .ga domain by the same registry was lost (and the lawsuit against the registrar back in March).
https://forum.infinityfree.net/t/all-freenom-ga-domains-are-taken-down-by-registry/77131
Freenom is in hot water right now. New registrations have been disabled since March, primarily due to a law suit from Meta. The company is also under investigation by the Court of Amsterdam since late last year due to a dispute with an investor, and in general doesn’t appear to have been profitable since 2016. Meanwhile, the contracts for many of the domain extensions they manage are coming up, and it is possible that Freenom may lose control of other extensions (like .ml, .cf and .gq) as well, which may result in free domains getting deleted.
Therefore, we recommend that everyone who currently is using a Freenom domain should prepare for the event that domains with their other extensions may be lost as well.
For funding, Lemmy has been funded by grants from NLNet for the past several years ( https://lemmy.ml/comment/479066 ) sufficient enough to pay for the two devs to work on it full time.
I find it not entirely credible that .ml was chosen because it was free. Maybe because they were able to get a nice name there, but that’s possible on other domains too.
In the meantime, other sites with .ml domains should probably start working on a migration path sooner than later as it would be easier to do the migration when both ends of the migration are trusted rather than trying to cold start.
Well 2y ago that’s what the marxist-leninists here claimed anyway.
Btw, that link either leads to the wrong post or jerboa is broken lol, however from the “nope” I can infer that it is meant as a refutation so fuck it.
Here’s a quote from dessalines on said post that explains it:
Its just a free domain, like .tk or .gq. I’m just pretty staunch about not paying for a domain name, they add no value whatsoever, and buying them feels like acquiescing to the digital enclosure of the commons.
So then in a sense it is marxist in nature, as this answer hints to marxist values with “buying them feels like acquiescing to the digital enclosure of the commons.”
However when this place was all marxist-leninists 2y ago, they made it very clear that it was a ML instance, by ML, for ML, and they claimed that .ml stood for marxist-leninist. As to when they decided that was no longer the case I have no clue, but that was the claim until redditors came and drowned them out a bit.
The comment was made 2 years ago - but as to whether it’s attempting to masquerade the real reasoning behind it, I can’t really say since I’m not the devs. I just thought it was worth copying over the comment contents since you mentioned you couldn’t see it, I figured there might be others who couldn’t as well!
I do appreciate it, the link for some reason leads to a completely unrelated post, but it looks like others can see it, so I think it’s a Jerboa issue.
True, we aren’t the devs so we can’t know their true intentions or thoughts, but I have my suspicions. If I trusted everyone all the time I’d be helping OJ look for Nicole’s killer rn.
(This is what the link loads for me btw)
Certified Lemmy Moment
It’ll be fun when Tuvalu decides to take back .tv
1/12th of their national income is from .tv so they’ll have sunk before that happens…
But isn’t that day also nearing at a drastic rate? I feel like they’ve been on the brink to Atlantis for a while now.
AFAIK they won’t pass this decade, yes
Damn. How does that work out logistically speaking?
It’s a major human rights crisis that no one really talks about.
Climate refugees will have to find new homes. I would imagine New Zealand and Tahiti would absorb the couple-thousand people as they are the closest larger Pacific Island nations. Australia is less friendly to immigrants.
Or the British Indian Ocean Territory
.io
Or for me, personally, for my email, for my lemmy instance, for everything, if Montenegro takes back
.me
At least Montenegro profits from .me
The Chagos Islanders get nothing from .io which is controlled by their oppressive colonizers.
It looks like the TLD was sold off to a private business by the Internet Assigned Numbers Authority in 1997, with those rights subsequently being sold on to other corporations.
The British government have issued an FOI response advising that they recieve no funds from .io domain registrations. The Chagos Islanders still don’t benefit, but it looks like that’d need to be squared with a hedge fund rather than a government.
…It is weird that territorial domains can be auctioned off in the first place though.
I believe they sold the rights to some US company who is now managing the tld.
They specifically decided to profit off the fact that’s it’s an attractive tld, unlike tld like .ly and .ml where the country never intended for their tld to get a wide use.
Thanks for the image, I didn’t know FMHY had an official response, good to know they had backups…unlike me who lives in eternal danger.
I’m confused why backups would even matter. Are the servers physically hosted in Mali and the government seized them?
Because if the government just invalidated the domain, that’s completely different. In that case a server device with everything on it still exists in the same place it always did, it’s just DNS that has changed.
(And yes, I understand that losing the domain name and the certs attached to it would be a big deal, but there’s no data loss, hence no need to pull from backups.)
And maybe some configs. Letsencrypt is great but SSL is still kinda a hastle
Edit: oh and if Lemmy has any sort of like unique IDs for usernames at a given domain. Could be something on the backend that keeps a unique I’d for each user encountered in the event a user migrates between servers. Mastodon notifies me if someone migrates.
Well, to begin with we didn’t even know what the heck happened, so being aware that our data is safe is one big relief.
I don’t remember the name of another growing instance that just disappeared (different issue I guess) I don’t recall that their users ever got their data back again.
*affect.
thanks for the humorous takes, but what’s the verdict…? and what’s the next step, download posts and settings and move elsewhere?
Is there information about this situation with Mali government about ml domains? I cannot find anything about it.
Though apparently some
ml
domain receives a lot of accidental US military emails :).Basically Mali took management of it back off Frenom.
Thanks! Found one article from Tuesday about it: https://domainincite.com/28897-freenom-is-losing-another-cctld-after-collecting-military-emails
I’ve found several articles similar to this, but transfer of management of a TLD from one registrar to another generally shouldn’t result in breakage of registered domains. And nothing in that article (nor any of the others I’ve found) suggest that Mali plans not to honor existing registrations (which all expire eventually anyway, so they have an orderly way to reclaim things by refusing renewal if they wish).
There’s more going on here that hasn’t been reported (or that I haven’t found) yet.
Hello hello is this working
$ whois lemmy.ml WHOIS lookup for LEMMY.ML can temporarily not be answered. Please try again. ERROR: domain not found: $
But it’s still in my DNS cache
On the technical topic of renaming a domain of a Lemmy server… I think it is worth experimenting with the code. At minimum, I think it should be an option to try and keep the same login/passwords for users from the old install of Lemmy. But even that could prove tricky if a particular domain changed underllying ownership more than once - and user@domain became rewritten by an entirely different person. I guess in the real-world people do often get mail for previous residence of a house.
My biggest concern is legality because Lemmy claims to support privacy. I honestly think it’s a bad idea to claim privacy because you run into so many problems. If the user never knows that their lemmy instance changed names and can’t find it again, etc. Especially on technical topics, 15+ years of having Reddit keep messages from deleted user accounts offered a lot of great search engine hits. With Lemmy, a person moving to a different instance and deleting their account, so much content is going to get black-hole in favor of 50 instances having copies of a meme post or trivial website link - and solid original content (often in comment discussions) gets removed.
On the technical topic of renaming a domain of a Lemmy server… I think it is worth experimenting with the code.
This is unfortunately only possible if you still own the original domain. Think about it this way: if you could migrate domains without proving you own the original, then what’s stopping a bad actor from migrating any domain they want? Keep in mind that Federated servers rely on DNS to verify who’s who – they don’t have a backup system for deciding trustworthiness.
Yes, there’s no technical reason Lemmy has to rely on DNS to establish trust (aside from the fact that changing this would require a massive rearchitecting effort), but why shouldn’t it? It’s possible to switch to a different trust system (i.e.: public/private keypairs), but that doesn’t actually change the nature of the problem – people can still lose control of the private key and blow the whole system up (and, arguably, this is a lot more likely to happen than permanently losing a domain).
At minimum, I think it should be an option to try and keep the same login/passwords for users from the old install of Lemmy.
So, login credentials aren’t actually tied to the domain name at all. A user like
example@lemmy.ml
is simply known asexample
to the server internally. The server doesn’t particularly care if it lives atlemmy.ml
ormicrosoft.com
– if userexample
shows up and gives the right password, they’re allowed to log in. What I’m trying to say is that – assuming that the user database isn’t destroyed – login info would probably carry over without any special effort needing to be taken at all.But even that could prove tricky if a particular domain changed underllying ownership more than once - and user@domain became rewritten by an entirely different person. I guess in the real-world people do often get mail for previous residence of a house.
The identity problem you allude to is not exclusive to this scenario. Let’s use
lemmy.ml
as an example: where did the domain come from? The Mali government. Does this mean that the Mali government ownedlemmy.ml
before it became associated with the Lemmy project? At the risk of oversimplying: yes, pretty much! Prior to 2019, the government of Mali could have created “fraudulent” Fediverse posts under your username, /u/[email protected].With that being said, it’s kind of a silly concern. Despite being partially distributed, Lemmy is not a read-only database (i.e.: not a blockchain). There’s nothing stopping the current domain owner from more-or-less completely undoing vandalism from a prior domain owner by simply asking the other federated servers to delete that fraudulent content. Keep in mind that the domain is not the server; the original operator keeps all of the original data even if they lose the ability to host that data under the original domain.
My biggest concern is legality because Lemmy claims to support privacy. I honestly think it’s a bad idea to claim privacy because you run into so many problems. If the user never knows that their lemmy instance changed names and can’t find it again, etc.
This is not a problem unique to Lemmy. If Google forgets to pay for
gmail.com
, then suddenly a lot of email addresses become untrustworthy. This isn’t a privacy issue because your old emails don’t leave Google’s servers. It is a trust issue, however, since the new owners can now impersonate anygmail.com
address and receive any new email that was intended for the original owner.Not to downplay how catastrophic this scenario would be… but I don’t think there’s any law on the books which would legally obligate Google to operate
gmail.com
until the end of time. Nothing lasts forever and eventuallygmail.com
won’t be controlled by Alphabet Inc. anymore – that’s just how time works. Those bothered by this uncertainty can instead choose to host their own mail server (or Lemmy instance) on their own domain – this won’t last forever, either… but at least you’re in control now.Especially on technical topics, 15+ years of having Reddit keep messages from deleted user accounts offered a lot of great search engine hits. With Lemmy, a person moving to a different instance and deleting their account, so much content is going to get black-hole in favor of 50 instances having copies of a meme post or trivial website link - and solid original content (often in comment discussions) gets removed.
Just FYI: Much like Reddit, comments continue to exist even when the author deletes their account. The user must explicitly delete each individual comment before deleting their account if they want it all taken down.EDIT: This is not actually currently the case, though as far as I can tell the stated intent is to prefer anonymizing comments over deleting them when deleting an account (source). I don’t really get this complaint in the first place, actually… surely both kinds of content would get lost when a user deletes all of their data, right? There’s no button that says “delete all of my stuff, except for the shitposts”.Your Gmail example is very funny because if anyone actually tried to do it, they would effectively DDoS themselves.
Governments could do it effectively.
This is unfortunately only possible if you still own the original domain. Think about it this way: if you could migrate domains without proving you own the original, then what’s stopping a bad actor from migrating any domain they want?
I’m suggesting a whitelist, that each peer has to put in a substitute list of vlemmy.ml==vlemmy.ml to re-federate.
Much like Reddit, comments continue to exist even when the author deletes their account.
That is NOT how the testing code of lemmy_server tests things, nor how the GitHub front page advertises Lemmy.
I’m suggesting a whitelist, that each peer has to put in a substitute list of vlemmy.ml==vlemmy.ml to re-federate.
I don’t see any inherent problem with that suggestion, though it does create something of a sticky situation with things like canonical links. It also kind of goes against what I’ve so far perceived as a “low-maintenance” operations ethos from the project maintainers, so I’m not totally sure if they’d greenlight it. Technically quite doable, though.
me: list of vlemmy.ml==vlemmy.ml
I meant to say vlemmy.ml=vlemmy.net in example
I’ll cite my source, then: https://github.com/LemmyNet/lemmy/commit/1de7a08d973c1079b36e13e087960cc5cd1b345c .EDIT: scratch that, I now see that the stated intent is to retain anonymized comments as Reddit does, but that the functionality is not yet implemented in the main code release for reasons that seem triage-related rather than a change in plans.
I now see that the stated intent is to retain anonymized comments as Reddit does
You cite a conversation from November 4, 2022.
A Febuary 6, 2023 comment from developers https://github.com/LemmyNet/lemmy/issues/2624#issuecomment-1419559651 says “The correct way privacy-wise, is to delete your account through your profile settings, which overwrites all your content to remove any info.”
The intention is to routinely purge all content of users who delete their account. In fact, there are open GitHub issues about serious performance problems in executing this code, even with a relatively small amount of content. Developers in the past 2 days have commented on this and made no mention of intention to retain content.
Well, this is just weird. When I was migrating from Reddit to this fediverse world I chose .ml and thought it was short for “machine learning” which seemed as a cool domain for me at the time.
FYI, two letter TLDs are country/region/jurisdiction specific. There’s an ISO standard for that.
.tv
Tuvalu.me
Montenegro.fm
(Federation of) Micronesia
Some countries append additional modifiers to classify their uses:
.uk
United Kingdom.co.uk
Company- …
Three or more are generic (traditional or new)
.com
,.net
,.org
, …
In some cases, Uncle Sam said “first!” and it stuck.
.edu
Education (MURICA).mil
Military (MURRICA).gov
Government (MURRRICA)
Just like what happens with Mali, what some silicon valley hipsters decide as a ‘fun’ acronym is just that, a fun thought. If the corresponding government decides to take away a specific domain, they probably can.
.edu
Education (MURICA)
.edu
is not only american. For example I know many schools in France have.edu
domains and emails, and I believe it’s the case in many more countries.In 2001 it was limited to US educational institutions only, all registrations prior were grandfathered in.
Although I haven’t got a clue why my non-US university, founded in 2009, has a .edu domain.
I did not know that. That’s not cool
Australia doesn’t. We’re all .edu.au
Edit: here is the list of who uses it. Stands for academia if it wasn’t self evident to anyone else either.
2nd edit: having trouble with escaping characters in the link so it’s defaulting to the ac page when it should be https://en.wikipedia.org/wiki/.ac_(second-level_domain)
And io belongs to the British Indian Ocean Territory.
There are thousands of gTLDs now, though. But most of them are brand names.
What about .world?
That’s a generic top-level domain. It is not associated with any country. It belongs to “Identity Digital Inc.”.
.mil Military (MURRICA)
That is what made this whole .ml problem. Some people have apparently accidentally leaked American state secrets to Mali by typo.
The registar that operates .ml, .tk, .ga, and some others has been having difficulty.
In March they got sued by Meta for operating domains with phishing operations. Their operations have been spotty for the past several months ( https://news.ycombinator.com/item?id=34194555 ). They lost the .ga domain in June ( https://forum.infinityfree.net/t/all-freenom-ga-domains-are-taken-down-by-registry/77131 ).
The issue with army.ml and navy.ml was just the most recent incident and may have accelerated things, but only by days (maybe weeks) as the agreement that the registrar had with Mali was for 10 years and expired the other day ( https://domainincite.com/28897-freenom-is-losing-another-cctld-after-collecting-military-emails ).
This isn’t a new thing - from the article:
Zuurbier said he’s been pestering the US government and military for the last 10 years to get them to do something about the problem. The military told the FT it blocks outgoing emails to .ml domains from its own network. There’s presumably little it can do about emails sent from other domains.
its just that with the end of the contract between Mali and the registrar, the military emails got in the news as now army.ml and navy.ml are controlled by the Mali government rather than the CEO of the registrar.
That’s a poor excuse. If something is secret or higher it has a different TLD. The SIPRnet uses .smil for example. There are also tools at the boundaries that don’t allow going from SIPR to NIPR unless they meet specific criteria. Basically you can only leak those secrets accidentally if they were already on a system they shouldn’t have been on.
Additionally, competent IT would make this fuck up impossible. I’m shocked that they didn’t whitelist TLDs and block all others.
No, it’s Mali.
The rumour is that lemmy devs chose it to mean “marxist leninist” but I think it’s more likely they wanted a free domain name.
The rumor is fake, the devs have said it multiple times. If they would have wanted to do some funny Marxism meme they would have used .su
Maybe they didn’t choose it for that, but to be fair they are definitely and admittedly Marxist-Leninists
Yes, as there are plenty of other developers who are openly liberals or some other flavour of capitalism. You don’t need to agree with the developers political choices all the time to use their software.
Right. My statement was one of fact, not trying to say it’s a bad thing. I’m a Marxist-Leninist as well.
Hello there comrade! Nice to have you here!
This was a lovely exchange comrades
Yeah they are, so if they did choose .ml for that reason they would have no problem admitting it also. So it’s pretty clear that they just wanted a free domain.
Don’t you need to be a citizen of a CIS nation to get a .su domain?
It depends on the registrar.
I mean, I knew it was a country top level domain but I was told Dessalines intended the “ml” as an abbreviation for “marxist-leninist”
That is not true, he has said multiple times it was used because it was free.
Some Lemmygrad dude bragged about that… Should have known it was wrong.
Anyways, thx for the clarification