people lose domains by forgetting to renew all the time. major corporations do it. do you want people to be compromised/have their identity stolen because they forgot to pay 7.99 to ICANN?
Forgetting to renew a domain is much harder than it used to be [1]. ICANN rules require 2 reminders prior to expiration and 2 notifications after expiration. They also require a 30 day minimum RGP (redemption grace period) where DNS doesn't resolve and you can still recover your domain.
If anything, I think having a domain tied to multiple services that break when the domain expires will help people notice so they can redeem within the grace period.
Impersonation via an expired domain might be an issue, but that's already a problem we have to deal with and I don't see how it could get significantly worse, especially since services could put up warnings when domains move between accounts.
yes, I prefer this to being kicked out because my child needed medical care and I followed the doctor's advice. Or my device vendor considers the device 'too old'. Or any other arbitrary reason.
Where I live domain contracts auto-renew. And have reclaim processes.
The doctor's advice is probably the father who got booted out of the entire Google system because he sent the pediatrician a photo of his son that the AI classified as CSAM, and Google refused to reinstate access to his data despite a ton of media outrage.
It’s not like ICANN is guaranteed to not kick you out for “hosting illegal child pornography and advocating organized violence”. It will happen once enough individuals starts relying on DNS.
ICANN isn't in control over DNS because thats some platform they own but because they are a public institution and managing DNS is their mandate. Consequently, they don't get to nuke your domain and then tell you to pound sand.
ICANN also cannot boot your domain directly - they only control the root zone and delegate responsibilities. Maybe for gTLDs they have some say but if you get a ccTLD then the only one who can kick you off is the corresponding country - and if it is your country then that greatly improves your chances of pursuing legal action if your domain is taken away without due process.
The Doctor's advice I don't get the reference¹, but for deprecating a device this could be a concern if your phone or similar device suddenly stops working² and that is required to prove who you are.
--
[1] perhaps searching for some officially, erm, unsupported medication resulting in getting blocked by a service that list closely enough linked to an identity provider that the ID account is locked also? — seems a stretch
[2] or is lost/stolen – a potential problem with any physical security token or virtual token if you only have it associated with a single device
examples are numerous. There was this father who sent the doctor photos of a medical problem of his child and the trustee of the digital identity locked his account. With all his digital life, payment channels, communication, you name it. Even the police asking the trustee to unlock was of no avail. https://www.nytimes.com/2022/08/21/technology/google-surveil...
Or there is this munich company whose employee visited it's parents and immediately the company github account got locked. Parents happened to live in Iran.
That's not a problem. I don't mean that in the sense that it doesn't happen. Rather that the market succeeds despite it. People forget to pay fines, mortgages, taxes -- the system has rails to put most back on the correct path. And the failure isn't permadeath. Your domain expires and life goes on.
There are also protective mechanisms to prevent your domain from expiring. You can pay a balance in advance. Pay for "renewal insurance", etc. As more people use the system, it will grow even more safety rails.
Replace 'domain' with 'identity' and you have a very scary proposition. This is just another form of 'code is law' and doomed for all the same reasons. Bugs and exploits become severe threats to your wealth and well being. As much as we hate to depend on institutions and 'other people', depending on computers program is inherently worse.
If you use your domain for email, you already have this problem.
This problem isn't new at all.
Would you rather have a situation of ownership with responsibility or no ownership at all?
The "free" alternative is a crypto like identity, and there's zero restitution if you lose your key. People will struggle even more with this. At least with domains there is a legal framework if you're paid up.
