I know this is supposed to be an april's fool joke, but dang, it reminded me of how much I hate this new unlimited TLD crap. I don't really have a good reason, I am just resistant to change I guess.
Do the roots matter if the rules have never been enforced? .com is flooded, .net and .org haven't meant anything in a couple decades, and many country TLDs are just wordplay that anyone can reg. At least .edu, .gov, and .mil are enforced.
it's not the root of the hierarchy, it's just up a level. How is .google or .bike or .app any less arbitrary than .com, .net, or .jobs? ICANN picked some arbitrary TLDs a while back, now they've picked some more.
Agreed. The whole dns system should really be just one way to resolve a name. The ideal would be just .dns (the traditional name) or .icann (the organization managing it, though that is a bit more unweildy). And maybe countries to give governments a space they control, but we can see how well that turned out.
This would leave the rest of the root namespace available for completely different approaches to resolving names. Think decentralized schemes like namecoin, .onion, etc.
I realize it is too late for that, but this is the way we should be thinking about name resolution, imho.
I think of it this way: they didn't create a new infinite set of TLDs, they just created a single new TLD which is the empty string. So what was the point? Is having ".com" or similar at the end such a huge burden?
There already are TLDs which have stricter requirements (residency requirements, .edu, .mil etc.) as well as TLDs that were significantly more expansive than others. gTLDs are not that unique in that regard, except for being even more expensive.
I didn't mean it literally, I guess I should have been more clear. What I mean is that gTLDs are a single new namespace, and provide nothing more than what any other single new TLD would have, except for the aesthetic value of not having ".com" at the end of your domain. I suppose now that I think about it this isn't all that profound.
What to do about single-word domains? Is "google", standalone, a valid domain? This is a big problem for browsers which use the same input form box for URLs and search keywords. Do you look up in DNS first, or with the search engine first? DNS no-finds are relatively expensive operations; they may have to go to the root servers to get a definitive "not found". Having a relatively small set of TLDs avoided confusion between domain names and search queries.
Then there's the relative domain problem. Although it's not used much any more, it's a feature of DNS that if you're on machine "abc.example.com", and you look up domain "xyz", it will try "xyz.example.com". The idea was that you could get at servers within your own organization without typing the fully qualified domain name. If you want the domain to be searched from the root, you're supposed to type "." after the domain, as in "example.com." Nobody knows this unless they're really into DNS. There's an adspam exploit that uses relative lookup to turn certain mistyped domains into ads on the domain "com.com", which pretends to host all subdomains of the form "*.com.com". If you're on "example.com", and you look up "nonexistentdomain.com", which doesn't exist, the domain "nonexistentdomain.com.com" is tried as a relative lookup. You get ads.
Then there's the problem of determining what's a second level domain. For that, you now need a very big list. (The list is here: https://publicsuffix.org/)
Current thinking seems to be to disallow single-word domains. There are already, though, a few two letter country code domains which host valid web sites at the TLD. (Try "http://ca.")
This is already a problem for intranet, e.g., if there's a web server accessible by just the machine hostname. Most browsers default it to search unless you remember to prefix it with "http://" every time (even if "devbox" is already in your history... thanks browser guys). It makes me miss the days when the search and address bar were totally separate.
This has nothing to do with gtld, but I think what bothers me most is that domains are in the wrong order. It should be com.ycombinator.news or com.google
"I have to say that now I regret that the syntax is so clumsy. I would like http://www.example.com/foo/bar/baz to be just written http:com/example/foo/bar/baz where the client would figure out that www.example.com existed and was the server to contact. But it is too late now." Tim Berners Lee[1]
Imagine how hard it would have been to untangle cross-site security if he had followed that scheme. As it is, we already have to have arbitrary restrictions on where in the domain hierarchy you can root things like cookies (e.g. if you're on www.example.com you can set cookies on example.com, but if you're on example.co.uk you can't set them on co.uk)
Yes, now it is too late, since gTLDs have been rolled out in such a haphazard way. Right of first refusal on gTLDs should have been granted to the owner of the most highly trafficked domain (between .com, .org, .net, etc.), or worst case, been auctioned off between parties who already owned that domain on one of the TLDs. That would have meant the primary owner of a gTLD like 'google' would be google.com, instead of a random domain squatter.
Right of first refusal WAS given to trademark holders. .google is owned by Google, not by some random domain squatter (whatever gave you that idea?). Trademark vetting is part of the ICANN application process for a new gTLD. No one else other than Google would've been allowed to have the .google gTLD. There are plenty of brand name gTLDs that were never delegated simply because that company didn't want it, and no one else could have it.
This is the single biggest UI mistake for security in browsers.
How do I explain to my grandmother when a banking site is safe? "Yeah, so, it has to start with 'https://', but only at the beginning, and then it has to END with "thebank.com", OR, before the third slash (so not the ones after https://). So find the third /: is there no third /? Then it must end with thebank.com. Is there one? Then before that it must have thebank.com. Yeah it's the part that's blacker! Exactly. It's not super clear but.... Ok forget it. Click the padlock and read the name of the company. And make sure it's from the same country, at least."
Tell her as I tell mine: The security behind the internet has at this point proven to be so fallible that it may as well not even be called security. The advice we I.T. folk have been preaching all these years [but quietly ignoring ourselves] is so much more profound than even we thought. You're safer to continue taking your bankbook to the same teller at the same bank you've been dealing with your whole life and continue to hope the bank doesn't get robbed while you're in there - because you're less likely to get killed in a bank robbery than you are crossing the road to get to the bank... both of which are infinitely less likely than your security getting compromised on the internet and your information being leaked to some hacker forum and ending up on the black market - regardless of the bank's laughable promise to you that your information is "safe and secure." It also has the additional upside of getting you out of the house, interacting with other people and keeping the human spirit alive instead of sitting cooped up inside all day.
That puts "com" first as you read it, despite the fact that it conveys no useful information.
Top-level domains have rarely been used as the ontological category they were intended to be. They are little more than flavor-text that is annoyingly required for uniqueness purposes. I think they rightfully belong in the position of least significance.
> That puts "com" first as you read it, despite the fact that it conveys no useful information. They are little more than flavor-text that is annoyingly required for uniqueness purposes.
Except that's not true at all.
The reason they became "flavor-text" was because they appeared to be tacked on to the end for no reason other than uniqueness. Previously existing organizational schema worked for decades with proper categorization: Usenet is a wonderful example of just how powerful it is.
Had URLs been defined correctly, "com" would have immediately told the user "a commercial entity", "org" would have immediately meant "an organization", "net" probably wouldn't exist, and these newer TLDs like "google", "audio", "apps" would have made a hell of a lot more sense.
> Usenet is a wonderful example of just how powerful it is.
Usenet suffered from some a similar problem to domain names: everything started creeping into the "alt" top-level because it was the popular top-level free-for-all.
And the usefulness of the classification for humans was debatable since every topic could be found in multiple locations and some, like rec.arts.tv and alt.tv, rapidly ended up dwarfing entire top level categories like humanities.
But nowadays TLD-s have little relation to the content category of the domain, look at the .com distortion for example. It's a valid claim that TLD-s are not really useful information. If you look at the current domain structure it's more like a file extension analogy.
The whole point is that this is only the case because of the TLD's position at the end of the root address, which has caused it to be perceived as a tacked-on additive for uniqueness' sake. If it had been placed at the beginning all along this likely would not be the case nowadays. TLDs very well could have been useful information; that's the point @awalton was making.
I agree to an extent, it would be interesting to see how the distribution of domains across TLD-s would look if it were reverse from the beginning, but I'm skeptical about a big shift. Country codes would still dominate local content and my feeling is .com / .net would be more balanced.
In an ideal world, 'www' would be superfluous. Your browser would know what server to contact for the WWW service by requesting SRV records for the bare domain.
Note that postal addresses, at least in the United States, also order lines in descending specificity. I presume that long predates the Internet, and I wonder if it is in any way related.
What you describe is clearly familiar to any Java programmers out there, but it actually made me think of UUCP mail routing, which used to be a bit like that - the hosts would go from left to right, separated by bangs, and ending in the user. Some details here: http://www.tldp.org/LDP/nag/node192.html
What we have now is obviously much friendlier to the end user, given it has no reliance on remembering or understanding the network topology!
Ah yes, I remember those (dimly!)... though if you were sending mail to them it was still `user@` at the start. I don't remember when JANET reversed their ordering to match everyone else's - mid-nineties, maybe?
That's just because you are used to it. But <tld>.<domain> actually makes more sense for multiple reasons:
- That's how phone numbers work, the most significant part of the number is first (<country-code> <area-code> <local-number>) so the most significant part (TLD) should come first in domain names. Users like systems that look like other systems they are already used to.
- <tld>.<domain> would help thwart phishing attacks as most users read left-to-right, so they see right away when the domain is incorrect. Compare this to "google.com.phishing.com" which tricks users because they stop reading after they see "google.com..."
- When you read or hear "go to com.myawesomedomain" you know a domain name is being mentioned as soon as you hear "com.". It is not always obvious otherwise (you have to use specific language like "browse to").
If it was com.something you have to type the com first. If "something" is first, you by the time you get to "som" it will probably have something.com in the dropdown list.
I would say its easiest if the most variable part is first, not only for autofill but for the way I think about it.
When you talk about "most significant" you mean the "largest" category. To me the actual most significant is the part that identifies the most unique thing you are typing in, and that tends to be the domain.
Modern web browsers will complete from any start position in an URL (and some also from the title of the document, I think). E.g. if I have visited the Wikipedia article on irish setters and I start typing irish, it will suggest that article. In the same fashion, if the URL was com.example and you typed exa, it should suggest com.example.
Once again, you say that because you're used to it. When you go to a store, do you go to the item first, then figure out what section it's in then figure out what isle it's on?
No, but when you're looking for a particular website, you Goggle it, then check domain name is the one you were looking for, by having the name product/company name first, you don't need to scan the superfluous data.
That's true. I can definitely see your point. I think the long story, short here is to stick with what you're used to and by google having .google for domains leaves a bad taste in my mouth.
Addresses in Japan are written in exactly the opposite order, with the post code being written at the top of envelope followed by the prefecture, state, etc. Its simply what you are used to.
Eh, that's debatable. Could be confirmation bias because we're just used to it being that way for the last x decades. Fairly sure that if I asked my computer illiterate grandma which made more sense, google.com or com.google, the answer would be "neither." Heck, my parents only add www or com simply "because". There's no rational reason from their perspective to do so other than that it may not work otherwise. If I had originally taught them com.google vs google.com, they'd be none the wiser (assuming either way actually worked).
I actually suspect if we started with a clean slate, it would make more sense to start with "more generic/less detail" to "less generic/more detail." Urls after the domain already do that (well, organized sites, do), e.g. www.site.com/cleaningsupplies/clorox
Then we could have (expanded for example):
company.google
organization.charitynavigator
uk.company.google
xxx.whoa (for those that remember the proposal for a xxx tld)
But there's probably a technical reason for it being the way it is that I'm not aware of or something.
Er... to me, if I really stop and think hard about it, none of these make sense. If I really wanted it to make sense, I'd just type "Google", "RBC", "BBC" - the brand name and it would figure out the rest for me. If the site was secure, my browser would figure that out and tell me it was secure. If the site wasn't secure, it would figure that out too and warn me as such.
Of course, I realize that this is a tall ask given that you have conflicting brands around the world. Perhaps there should be some linguistically obvious [to the average non-I.T. person] way to differentiate between conflicting brands...
I feel like the most obvious should be that we should never have to negotiate security by typing HTTPS... that should be the default state, falling back to HTTP only if HTTPS was unavailable and a warning should be given to the user. The average user [indeed any user] should never have to "look for HTTPS" or "look for the padlock". The whole browser UI should be more intuitive than that - the user should be able to look at the browser window and infer that communication with that site is not secure.
I'm not sure what the address structure should be... perhaps something like(?)
- CA/CHURCH/UNITED/SASKATOON [Localized Home Page]
Perhaps a global brand such as Amazon or Facebook wouldn't even need a country code...or it could be figured out by an algorithm based on the user's context: FACEBOOK
could map to UK/COMPANY/FACEBOOK for a person in the UK or US/COMPANY/FACEBOOK for a person in the U.S. The user could override the location by manually typing the address. If the user's IP address belonged to Amazon in the US, then they could type in just the site and resource address and the rest of the address could be construed from their context: Typing in STORE/ELECTRONICS/DVD/LORD-OF-THE-RINGS would automatically be understood as: US/COMPANY/AMAZON/STORE/ELECTRONICS/DVD/LORD-OF-THE-RINGS. For a residential user, their IP would be assigned to the block for their country, so any sites not explicitly specified would infer a site within their own country.
If the country code isn't known, then some algorithm could attempt to figure it out. If it was ambiguous, then the user could be presented with search results by a preconfigured [or their favorite] search engine.
Anyway - as Tim Berners Lee says... it's too late now. Until someone sets about re-imagining the entire infrastructure that is today's internet, we're stuck with what we've got.
Human language is all about optimizing for context. Abbreviations, contractions, etc. For humans, most of the time the current year and/or "com" are the default context, so it makes sense to present the most significant differentiating information first. If you think about it, that's also why "www." got dropped.
When I make a phone call, I have a "default context" -- my area code -- but people still seem happy enough with phone numbers that go from most general to most specific.
I'm old enough to remember when people would drop area codes. Long distance was expensive so 95% of the numbers you'd call were local. That being the default context, people would drop the area code in most local situations. There's plenty of archival newspaper ads that demonstrate this.
With cell phones and unlimited nationwide calling plans, it's more common to find an assortment of area codes in contact lists these days. What you're describing is not actually a default context. It's just your personal area code. The person next to you might very well have a different one.
It's not my "personal area code", it's... well, the area's area code, and it's the default for people in the area. People and businesses locally routinely give their number without the area code, because it's implied and doesn't need to be dialed. Even my cellphone has the default context of the area in which the SIM card was bought.
So I'm not sure what "old enough to remember" means when it's still true today. 95% of the numbers I call now are local businesses, so I only dial seven digits.
I don't know, maybe you're from the future or something.
It's only the default for new numbers. People carry their old numbers with them when they move, unlike the olden days. Bottom line, contact lists have a lot more mixed area codes now.
> 95% of the numbers I call now are local businesses
That might explain the difference of perspective here. Most people call other people on their phones, not just businesses.
At least according to the FCC, number portability was intended to allow moving between service providers. If you move across the country, there's no guarantee you'll be able to keep that number if you initiate service with another carrier. So in a sense, area codes are "supposed" to be meaningful (even if that's not so true today).
I think he is guessing that the grandparents thinks that www or 'world wide web' means 'the internet' and should be root.
But actually 'web' reveals to the graph of hyperlinks between http/html pages that let you navigate from page to page, server to server. www denotes the host is primarily a http server serving web pages.
You could argue it's superfluous these days - if you are typing it in an address bar, you hope it is a http server, and if you are typing it in a ssh prompt, you know it's your ssh server. People add it because it's a convention and some users might get confused if you don't... (it's probably a vhost anyway most of the time)
It does have one benefit. www.google.com has its IP served from google's dns servers, whereas google.com comes from com's. Google does lots of dns-based load balancing that com doesn't support.
com. only serves the nameserver (NS) addresses for example.com., and if they are within the same domain, their IP addresses. It does not serve the rest of the records for example.com.
You can see this easily with e.g.:
dig -t any google.com. @a.gtld-servers.net.
vs.
dig -t any google.com. @ns1.google.com.
There is no real advantage of having it be 'www' coming from DNS...
There is a somewhat more modern problem which is that having a domain be a CNAME (the DNS equivalent of a by-name redirect) means it can't also have MX records and receive mail; the CNAME also ends up "redirecting" everything, including MX lookups. So if your web host offers yourdomain.someawesomehost.com and you decide to point yourdomain.com to it via CNAME, having you@yourdomain.com doesn't work unless yourdomain.someawesomehost.com is configured to receive mail for yourdomain.com.
hostnames can have more than three components, e.g. "www.ox.ac.uk". So it's either biggest to smallest: "com.google.www" or smallest to biggest: "www.google.com".
google.com.www is in neither ascending or descending order.
www.google/stuff works now that we have generic TLDs and .google is a TLD, but before that it ignores the possibility of google.net and google.org. This may not be a problem for a unique trademark like google but not all domains are trademarks.
why bother with .com at all - it is meant to be a global company but lots of us companies just use it for themselves (global or not) - just because the dns rules were made a long time ago doesn't mean we need to keep them today
You sound like you are telling the kids to get off your lawn. The web is getting so crowded that the old .com/net/org/edu/gov system is not going to be sustainable. The next generation will definitely think you are showing your age when you assume everything is .com, grandpa.
What's up Justin?! Spotted your name and then figured out it was you from comment history. It'll be interesting to see what happens over time, but I think that with the proliferation of mobile we could see something akin to Okta for consumers that gives them a page of icons to click on... like the apps on their phones. Chrome already does this (kind of), but people tend to be very habitual in the way they browse and I could see it go a bit further.
I sorta thought that as well but I think the end result is that TLDs have lost a lot of importance which is a "good thing" IMO. There's far less need to pay exorbitantly for a great .com and it lessens the value of squatting. It seems messy but I suspect will work out fine.
Don't forget a very good reason gTLDs are a scam: it's a land-grab by the enormously wealthy—those who can afford the opening bid of $185,000—that shuts out the plebes like you and I.
Domains have always been a business, otherwise .com domains would be free, the fact that the opening bid is 185k reflects even more that domains are a business.
You can still get a good 2nd level domain for way less than 185k, just look for it.
Also, depending on your country, some domains are free, for ex., in my country .edu.mx is free for schools, and .gob.mx is free for government.
The free .tk domains also exist, because the government of Tokelau Islands found better to use the TLD as tourism advertisement.
At the end of the day, the gTLDs are a good thing, because the value of domains like sex.com won't be $12 million anymore, you can get sex.<anythingelse> for way less.
You'll need to walk me through how that's a scam. Fair warning; If you start down the path of asserting that you deserve everything you desire I'll have a very hard time believing you.
Two simple TLDs: .porn and .sucks. The wealthy people who applied for those (and were approved) will enjoy every entity being forced to buy their names of those domains, if they want to avoid obama.sucks or taylorswift.porn. That is called extortion, regardless of whether or not someone "asserts they deserve everything they desire" (as if that lessens the shitty crimes of another).
Whats the difference between obamasucks.com, obamasucks.net, obamasucks.org, ... and obama.sucks?
If you really want to prevent any possible domain which contains "obama" and "sucks" from being registered, there is a serious problem with freedom of speech.
In the case of .porn, do you know you can submit your trademarks to the ICANN so they enforce them? ex.
The process is long, arduous, and holds no guarantee for the victim of extortion that the case will be ruled in their favor. Some of these cases go on for years before a ruling is made, especially in the case of corporations or people that are not necessarily household names. And this is when the paperwork is in order. I think this pay-to-play DNS naming scheme is awful and clearly a rigged system supporting an oligarchy.
What victim? What extortion? What are you talking about? You are just simply hating a process you hadn't even tried just for the sake of hating it.
Even before the existence of gTLDs there were stupid legal cases because companies like Apple felt entitled over a domain like a.pl[1]
If you own <trademark>, you are not entitled to own every <trademark>.<tld> combination unless <trademark>.<tld> is related to your business, taking the example from apple, you (Apple) may be entitled to own apple.computer and apple.inc, but not apple.groceries
The ICANN guarantees (if you register your trademark) that only you (Apple) will be able to register apple.computer, apple.inc, and every other apple.<tld> closely related to your trademark, but if you don't want to register those domains, nobody else will be able to register them. Where is the extortion in that?
Your arguments about extortions and supporting oligarchies are simply ideological fallacies. Selling domains is a business, and people with enough funds will profit from them whenever you like it or not.
Except that they do, all the time, as I said previously. The extortions and the victims come in when this oligarchy of the wealthy registrars apply for and are approved a TLD which is for the obvious purpose of making everyone buy theirname.shithead to prevent a literal theirname.shithead website. This is extortion on a different level, and it's not hard to see it, so it's apparent you're denying the obvious in order to support your (incorrect) assertions.
Part of why I hate it is that it gives spammers, phishers, and other miscreants a new, inexhaustible supply of domains to abuse. I've already seen it happening with spam coming from .club, .work, etc.
Part of why I like it is that it devalues domains for domain squatters. It is much easier to get a good enough new domain now for whatever idea you come up with, because there are so many more available again.
I think you are looking at it in the wrong way. The squatters are still there, they are just new people who feel like they missed their chance early in the game and playing catch-up.
I think it's like this. You've got a nice neat filesystem that you understand. There's /usr, /bin, /var, /etc, and so on, and you know what they're all for (well, kinda - maybe there's some stuff in /usr that should really be in /bin and /etc is a bit random and...) but it works, and when you do ls -l / you see a nice neat list that has looked the same for 35 years and that comforts you and you recognize it. I know this. This is a UNIX system.
And then one day you install a new update of your ICANN package and all of a sudden when you do ls -l / you see /Documents and /Photos and /Music and /Google and /Ads (where the hell did that come from?), and suddenly it isn't so familiar any more. Someone took your nice neat system which was good enough for Kernighan and Ritchie and RMS and Linus and everyone and they... just figured they'd ignore it.
I think the feeling techies get is just that there was a reason for that old approach. I can mount /bin from shared network storage and /usr from a workgroup server and okay I never actually do that on my MacBook Pro but that's why it's like that and it's important to keep it like that in case... I ever find myself running a timeshared college computer network on a PDP11 and I need it to work just the same as my MacBook, okay?
And we have the same feeling about the TLD system. We were trying to keep that top level directory tidy, in case... you know, in case we needed to use it for something important. And we don't think branding is important.
Unfortunately that ship sailed a long time ago. The DNS system is all about branding, and so we don't really get to use it for important things, like security, or partitioning, or delegation. We can futz around the edges with things like using in-addr.arpa for reverse DNS lookups (but what the hell is using a .arpa address if not hipster techie branding, anyway?), but the majority of the DNS hierarchy? Forget about it. Bit.ly is not actually in Libya.
Top-level domains were the one level where names were purely descriptive - you could generally trust that they referred to what they said (.ly was well and truly owned by the government of Libya, whatever it decided to do with it, and .org is for non-profit orgs). Domain names under them were clearly understood to refer to specific organizations - wine.com is usually understood to be some organization, not an authority over all wine.
Now you have things like .wine, and there's suddenly a question - does this represent the abstract concept? Or some specific wine-making trade group? And which one? And is it clear to users what this imprimatur means? Do we trust ICANN to make this kind of decision, which is much more subjective and opinionated than the ones it traditionally has had to make when deciding who to give a TLD to?
Except .org was already free to use by anyone (including for-profit companies, e.g. craigslist.org) and there was .net, which wasn't descriptive in the least, and .info which is even weirder than .net.
What you had was an illusion of meaning, and the new gTLDs killed it. Good riddance.
Well, what's interesting about the ccTLDs is that their "meaning" was purely organizational, but very clear-cut - you could trust that .us was under the ultimate authority of the US government, and that .ly was under Libyan control, no matter how ridiculous their policy for granting those domains was.
But yeah, I think bit.ly and friends really messed up a lot of the logic people expected from the DNS.
Yes, TLDs should be opposed, for lack of a better reason we would need to change the way we look at domains! Earlier it was simple. google.com, facebook.com now it is weird com.facebook, it would feel as if the web has become a java namespace :D :P
and I think java namespace conventions need to be changed after this :P
I think it's because it's kind of fragmenting the name space. Now instead of having to remember one thing (the domain name) you might have to remember two.
Could you elaborate on this unlimited TLD? I'm a bit out of the loop (but had heard of the .porn TLD!). What's going on? Isn't this going to cause a lot of confusion and compound the issue of domain squatters?
You've only had about 16 years since the formalization of RFC 2606 [1] as a best current practice to move your internal DNS over to a namespace you actually control.
Yes, it's most likely going to be more typing, but this way, you're not risking having everything break at some point when your pseudo-TLD gets picked up by someone (maybe even yourselves) and becomes a real thing on the public internet.
The only way to choose your internal namespace so that it doesn't conflict with external names is to use a namespace you own, because there are no reserved domains for "internal" use.
Specifically, that's going to mean that your internal names need to be subdomains of a domain name you control, such as your organization's domain. Something along the lines of "*.internal.companyname.com".
I worked on Google's CSS infrastructure for a while and there is a lot of logic that goes into what css rules get used where. You could be seeing that due to an experiment, a particular search result or a particular Version of Chrome. Google invests a lot of work in optimizing their css on the page with a lot of very complicated logic going into the choice of what rule to display and when.
When the user runs her own root, she can make tld's "disappear" by editing a text file. She can also create new ones.
Similarly "ICANN" can "create" tld's by editing a text file.
As we all know, most users choose(?) to use dns caches run by someone else and the admins of those caches point them at ICANN's roots.
I would guess most users are not even aware they are making that "choice".
In either case, the cost of editing a text file^W^W^W^Wproduction of a tld is next to nothing. (Maintaining a network of globally reachable servers and coercing dns cache admins at ISPs and elsewhere to use these servers is a separate matter.)
Yet ICANN can charge exorbitant sums for "creating a new tld", i.e., editing a text file. With relatively little work this strange "not for profit" organization can put most YC startups to shame: 1. Edit text file 2. Profit.
How is this possible?
Here is my guess: Because most users do not know how to run their own root let alone their own cache.
Here is my opinion: It is not difficult. 14 years ago djb made it very simple.
Of course, it is April Fools Day. Maybe I am joking and there really is something more to it?
Though originally created by All Too Flat "for fun",[1] it found practical use
in the People's Republic of China after the domestic banning of Google, as it
circumvented the government's firewalls.
I was really hoping they had a second layer to their prank by having a search for "Java" show java source code with the `import com.google.whatevs` be replaced with `import whatevs.google.com`
$ host google.
google has address 127.0.53.53
google mail is handled by 10 your-dns-needs-immediate-attention.google.
$ host your-dns-needs-immediate-attention.google.
your-dns-needs-immediate-attention.google has address 127.0.53.53
your-dns-needs-immediate-attention.google mail is handled by 10 your-dns-needs-immediate-attention.google.
DNS A entires can resolve to any address you like; just, a 127.0 address is not very useful. What's strange is that someone would have set google. to point to a 127.0 address, and left that message in the MX record. (Usually TLDs have no records.)
Though I think I figured out the puzzle:
$ host -t TXT google. 8.8.8.8
google descriptive text "Your DNS configuration needs immediate attention see https://icann.org/namecollision"
For all of you feeling that the huge expansion of gTLDs is incautious, wait till you get a load of unicode in DNS: http://unicode.org/faq/idn.html
Oh yes, and this is happening in gTLDs now, too.
I'm amazed how many places unicode has been jammed in without regard for how utterly unlike ASCII and left-to-right plaintext it is. Check out the vertical text overflowing its boundaries in Youtube comments. Also look at how Youtube's attempts to block keywords from spam are evaded by lookalike characters.
I suspect unicode's keepers won't be satisfied unless it can render any monochrome bitmap via a cryptic formatting language the rest of us still naively treat as plaintext in order to slap a "localizable" label on our software.
Come on...give the ICANN (or the next governing body) 20 more years to fix this and we should make it. Internet is only 25 years old and new gTLDs are celebrating their first year of anniversary.
Not if you didn't apply for it 3 years ago. You can't apply for new gTLDs now; all the news about the process is about applications from a period that ended three years ago moving through later stages of the process.
Doesn't work in Safari. It searches for com.google instead. Confirmed with Safari that has Google as search engine and one that has DuckDuckGo as search engine.
Edit: Ah, it seems to be used in the "Chrome for iOS" user agent string.
Weird that it can't handle iframes(?). Or what's the reason for the JS on com.google that redirects only the "CriOS" user agent to www.google.com without framing?
Generally, on pages/domains where you may provide users with a sign in box (such as the Google Accounts login page), you want to disallow other sites from iframing your page to prevent a clickjacking attack – http://en.wikipedia.org/wiki/Clickjacking
So Google.com busts out of cross-domain iframes by default to prevent attacks like this.
Sure, and Google normally does disable iframing — the particular URL that com.google frames is configured to not serve the X-Frame-Options HTTP, allowing this trick to work. Clicking "Sign In" breaks out of the frame (target="_top").
But that goes for all browsers — I wonder why is Chrome for iOS is being singled out here?
Rest of the .google pages (like a.google) show the nginx start page. Sounds like a last minute idea to host com.google. Even com.google uses an iframe with src google.com?igu=2
Despite having the same google.com cookies, it doesn't show me as logged in. I guess they didn't have time to finish that in their UI reversal/mirroring.
My guess would be that this is just a simple CSS change. Not being logged in is probably intentional since users could potentially take some destructive actions by mistake with the backwards UI.
