It's not going to end. Verisign was allowed to increase the wholesale price to registrars for .COM domains by 7% each year in 2020, 2021, 2022, and 2023.
Because DNS over HTTPS (DoH) is browser based instead of OS bound, it is actually much easier to have browser instances that point to a different DNS root (or multiple DNS root services).
A lot of people have been very negative about browsers adding DoH but they're missing the big picture: We now have a real opportunity to create competitive roots/new DNS.
Browsers really need to look at allowing multiple DoH connections concurrently that resolve different namespaces. I'm legitimately surprised this hasn't happened already.
"Because DNS over HTTPS (DoH) is browser based..."
Is DoH browser-based. Optically, yes. Technically, no. I use it outside the browser every day.
No disagreement with rest of comment. FWIW, I have run own custom root for decades, creating new "TLDs" and "domainnames" as I please, but also I have experimented with a non-DNS naming system just using a proxy. Maybe this sounds too simple, but the thing is, it is just as fast as DNS, maybe even faster. If everyone runs the same proxy software, and we share the list of names, it just works. This is 100% outside the browser. No reliance on ICANN and no reliance on Google/Apple/Mozila/Microsoft/Brave.
> Is DoH browser-based. Optically, yes. Technically, no. I use it outside the browser every day.
I don't understand what you're trying to say. Firefox and Chrome have an individual setting for DoH that doesn't depend on the underlying OS's DNS configuration/resolver.
Therefore, you can run multiple instances of either browser (using profiles) that point to different DoH resolvers or are different from the underlying OS.
This is very similar to using TOR in a browser instance but with even lower friction. Currently, the biggest friction is that one profile cannot point to two or more DoH resolvers at the same time, and instead you need two browser profiles for two browser instances that resolve to different endpoints.
What I mean is it looks to the observer that DoH is browser-based. But actually it is more flexible, it's HTTP-based, so any HTTP client, not just web browsers, will work. I wrote a simple HTTP client for this and it works well with most DoH servers. One limitation of all DNS implementations (cf. protocol) is that only one answer can be returned per request. You cannot put two queries in one request and get two answers. You must query one name at a time. With DoH, you can send multiple queries in a stream of HTTP requests (HTTP/1.1 pipelining) and receive all the answers over the same connection. curl, wget, etc., cannot do this thus I wrote a client that can. Currently, I can use over 40 different DoH servers.
I do understand your point, anyone can run a DoH server and could serve "alternate DNS" names. I just wanted to make clear that DoH is not limited to use with the popular browsers. It can be useful outside the browser.
I think the huge amount of domain camping implies that .com could stand to be a whole lot more expensive to hold and do nothing with. If you're using it for something important, $20/yr probably isn't going to break the bank. If anything, I think it should be much more.
13 year old me would disagree. A .co.uk domain at the time was if I recall correctly about £5/year, equivalent to a week's wages from my paper round. A .com was around £12-15/year which I found too expensive. I learned a lot hacking around with DNS, subdomains, etc. and I wouldn't want to price today's kids out of doing the same. Saying that, back then there were only a few TLDs to choose from. I guess if there are still at least _some_ super cheap TLDs available then I probably wouldn't mind if .com in particular got more expensive given it seems to suffer the most from squatting.
There's probably ways to monetize now that aren't trivially bypassed with a line of JavaScript. Think CloudFlare and their app injections. New Namezero could require you to use their ad-injecting/enforcing nameserver.
Whoever said anyone ensures a .com is credible? I don’t think anyone said a .com guarantees credibility. I said, other tlds aren’t as credible, and everyone knows that.
Oh, please. Technology is deflationary. Significant, repeated, above inflation price rises aren't the fault of users: it's the US Government enabling monopoly corruption.
What value do you imagine Verisign provides? Verisign has nothing to do with .com's reputation. Most people have never heard of it. They didn't even run it until the peak of the .com bubble when everyone had already made their associations with .com.
It currently costs me 3x$8.18 a year to renew my personal domain, my parents, and a hobby site. It will cost me $409ea over the next 50 years. $1200 vs $3000 isn’t nothing to me.
That seems like taking it to a logical absurdity. A developer making okay (non-SV) money right now with only cost-of-living adjustments for the next 50 years (assuming they'd work that long...) will make over 10 million dollars. $3000 is nothing on that scale.
> next 50 years (assuming they'd work that long...)
I don't think this is reasonable, even if you started working at age 20 at a FAANG, you're not going to work until you're 70.
Keep in mind this industry is very ageist, you'd be lucky to even get 30 years of high salary income if you're not exceptionally good. That's assuming you don't burn out.
I'm surprised folks still use unrealistic examples such as these to move discussions in a certain direction.
> Keep in mind this industry is very ageist, you'd be lucky to even get 30 years of high salary income
In the valley maybe, at a FAANG. In the regular world, esp F500 companies, there are lots of old folks. I work with several developers in their 60s. Could they get Google to hire them? Maybe not. They're still pulling down middle 100s.
> I'm surprised folks still use unrealistic examples such as these
You're referring, I hope, to the original comment that $3000 over 50 years was a deal breaker. I am not the one who thought that a 50 year time horizon made any sense at all for this discussion, I'm just playing along.
Namesquatting has the effect of increasing prices so, no, there is no price at which namesquatting would be disincentivized. In fact the higher the prices the more appealing it becomes to our friends on wall street.
> Is there a price level at which the nerds say "fuck this" and create new domain roots without ICANN?
Namesquatting, ticket scalping, house flipping, Amazon book reselling, quant trading, etc. are all forms of arbitrage. There exist buyers who are willing to pay significantly more than sellers are willing to accept. Somebody gets to the seller first, buys the good, sits on it, and waits for one of these high-demand buyers to show up, then charges them the maximum that they're willing to pay.
If the seller just raised their prices, there would be no profit for the arbitrager. They would capture all the consumer surplus and deal directly with the buyer. If Gandi charged $1B for a .com domain, nobody's going to namesquat - they'd lose too much on the common English words to make it up from the major corporations.
I suspect a lot of the problem is the extreme power law in how much people are willing to pay for domains. Dropbox.com or Facebook.com is a bargain at $1M for DropBox and Facebook, but nobody is going to pay $1M for their personal homepage, and few local businesses are going to shell out more than a grand for a restaurant domain name. That indicates that perhaps some better pricing system (auctions?) is required. $16.99 is way low for a business domain name though.
Exactly. Arbitrage will always be appealing in a free marketplace. As the (market) prices continue to go up those of us at the bottom will get pushed out and those with more capital will stay in, until it balances itself at some point.
The problem is that point is far beyond anything that resembles the Internet today. This is why the marketplace is administered by a non-profit for the benefit of the public.
Perhaps I'm misremembering but domain squatting was an issue for the last 20 years. Before "wall street" got a hold, I'm sure regular people like you and me just bought domains and sat on them for a while.
I know I used to try and guess which domains to buy and hold for some time but by the time I figured it out, those domains were already reserved.
It was also us engineers that figured out you can query ICANN for expiry information so you can catch domains that expire and steal them from other people. Not sure wall street had anything to do with that.
I invoked Wall Street because the capital involved right now probably isn’t worth their time. When domains cost 4+ figures from the registrar then maybe it’s worth paying attention to.
This is all a response to the question of what point squatting is too expensive to continue. I submit that it can’t be.
It's usually pretty easy to get a .com if you're willing to put a prefix like "get" or a suffix like "app" on it or something -- or both ("getbluebirdapp.com" isn't taken). Or combine the brand name with the product class ("bluebirdhumidifiers.com"). Or any non-obvious two-word combo, really.
But yeah, if you want a .com that's a single-word brand name without any prefixes/suffixes, basically everything's been taken for a long time.
Definitely! You need to be a bit creative / flexible, but it's quite practical. I probably have about ten, all in active use and most of them registered within the last five years.
I have been in your shoes and I honesty feel your pain.
I'm trying [0] to fix that and hopefully be a part of the solution. Renewal price increases won't magically prevent people from squatting, so that's pure milking by the VeriSign monopoly.
I've registered multiple 5 letter brand name .com domains in the last five years. They are out there, it just takes time and creativity to find them. 6 letters and more are even more abundant.
It could also indicate that it’s relatively cheap to sit on domains for 20 years, patiently waiting for someone to pony up. It’s not like valuable domains are more expensive to renew.
then maybe it should be forbidden to renew domain if you haven't use it for a year instead of increasing prices for everyone, how convenient for domain registrars
How would they define “using it”? I’m guessing there would be easy ways to skirt around any automated system that checks for whether a domain has been used. Update the text on the “for sale” landing page? Look, I used it!
Two of the websites I use everyday do not even require a domain name. I just use the IP address. With the rise of shared hosting especially driven by added costs of https, it's not possible to use IP address with most sites today but it's sure nice to be free from the ICANN DNS cartel and to not have to run DNS software. Before long, I have the addresses memorised. I never try to memorise them, it just happens automatically after a while. Reminds me of how we memorise phone numbers.
That's remarkable to me - I feel like my internet life hasn't been so sheltered not to come across this before, but it also feels so obvious in retrospect. Do share some examples if you don't mind.
There are undoubtedly many, many more examples across the internet. FTP servers, along with HTTP mirrors of those FTP servers are some obvious examples where hostnames are often not required.
There seems to a web developer-driven, cargo cult mentality against use of IP addresses, but AFAICT search engines do not try to hide IP addresses; I sometimes get them in SERPS.
Historically IP addresses were supported in smtpd software, too. For example, qmail still supports IP addresses, if enclosed in brackets.
I am the client not the server. Maybe you are asking whether I check the CN or compare the certificates every time I connect against ones I have stored locally. I could, but for these two sites I don't. Am I worried about someone spying on the local rain radar images or wind speed data I am retrieving. No. There's nothing confidential about this information. Nor am I worried about being secretly routed to an "evil weather service impersonator" without me detecting the change. One of the adresses belongs to a government agency. These addresses do not change often, if ever.
Doesn't Lets Encrypt allow IP adddresses for the CN.
I'm not sure if the concept of "inflation" really applies to a situation where a company was effectively gifted monopolistic control over something in exchange for "promising" that they wouldn't do exactly what they're doing.
Edited: in more detail from thread[0] last year:
[0]https://news.ycombinator.com/item?id=22292348