Attached: 1 image
Queer.af mastodon instance has been shut down by the Taliban (not a joke, they seized the domain name).
https://akko.erincandescent.net/notice/AenoDMPN0SdVXSq9ZY
I'm surprised they even attempted to use that domain. The instance still exists and will need to be routed through a new domain. Which, again sucks, because any reference links will be broken now... which... again... has me wondering why they even went with that domain in the first place. Albeit, it was a clever use of a top level. I wonder how many others are doing the same.
I suspect they skipped checking who controls that domain at the time and just saw that it would make for a good name. Not good practice but I can see how that happened.
The only shame here is that there is no way for an instance to "prove" it is the successor to a defunct domain.
A lot of Lemmy and Mastadon instances have really obnoxious names. I hope they learn from this as use a conventional domain/TLD, and not some random ass countries who could get taken away at any minute.
I suspect they skipped checking who controls that domain at the time and just saw that it would make for a good name. Not good practice but I can see how that happened.
Ahh. I have several domains and a lot of experience with managing various services, but I'm unfamiliar with any requirements regarding the federation process itself. I imagine this may be challenging, but not impossible to handle. Yet another level of suck in this situation.
I doubt most people know that country TLDs are different from vanity TLDs. I know when I look up domains, they're usually all smooshed together and then the terms are in a giant block of ToS.
The vast majority of people likely don't know that .tv isn't a vanity or official TLD, but the Tuvalu country TLD. And its royalties make up nearly 10% of the state's budget.
Honestly though, I don't even know what most of the generic domains are that were created. It's still deeply ingrained in me that any serious website should be using .com, .net, or .org. But... the amount of domains that were purchased just for the purpose of resale at an astronomical value has made so many of those unreachable.
There are some dot-coms that I have wanted for years which have been sitting stagnantly for more than two decades. I'd love to buy them, but there's no way I'd pay the asking price. At least generic TLDs break that stalemate for a lot of folks.
To the people who are like โWhat did you expect to happen when you picked a .af domain, are you idiots?โ
Yes, we were aware of the possibility of suspension from the start
Yes, we were aware that political circumstances could change
But thumbing your nose at conservative autocrats as an even minor form of protest is fun
In the end pretty much everyone has migrated out successfully (and Iโll continue to help anyone who remains)
Weโve all gotten a fun story out of this
Iโve been signalling the probable demise of queer.af to my followers for the past year. We knew the end was coming; we just anticipated it to take a little longer
Similar thing happened with an instance I was on, it couldn't be fixed and they had to start a new instance. Think the problem was federation related, you need every instance admin to change the domain manually in their instance
I was afraid of that. If this is common enough, i think it's something the devs can introduce a feature for which would propagate such a change. Doubt it's high on the totem of things to do, though.
OP, this title is stupidly misleading and incorrect, you should change it immediately.
The Taliban seized the DOMAIN, aka the ownership of the queer.af name that people could type into their browsers, and their system would resolve into an IP address.
As the Taliban control Afghanistan, (see where the domain comes from), this was inevitable and the instance owners were already planning to retire the instance as they didn't want to give money to the Taliban to keep it up.
The INSTANCE, aka the physical server, was not in Afghanistan, and still has its IP address(es), and so has had absolutely nothing happen to it.
Unfortunately, I think due to the way ActivityPub works, the domain name is inexorably tied to the instance. Trying to migrate to a new domain name would break a lot of federation to my understanding.
Yep, the other workaround that's elsewhere in this thread is to set up an entry with a different authoritative DNS in the hosts file, allowing a single machine to resolve the old domain manually.
This could be part of a greater effort, basically asking other instances to help the users evacuate the instance and transfer their accounts, before running tootctl self-destruct
Does federation involve some sort of key exchange? If not, would that mean that if one loses control of a domain somebody could spin up a new Lemmy instance to spoof the old one and potentially harvest data?
I mentioned on Mastodon the domain name "queersare.us" (parody of Toys R Us I guess) which actually makes use of the United States' ccTLD that barely gets used. Someone pointed out to me exactly why that's the case and it has something to do with scammers.
I don't think they could do anything about it. As far as I know, Mastodon doesn't support any kind of instance renaming, so the hostname is one thing you cannot change. You can only spin up a completely new instance.
Who's bright idea was it to integrate the domain name itself directly into the software such that changing the domain name totally fucks up the whole thing? Is there actually a good reason for this to not work like any other website where the domain name is just an address and changing it doesn't actually have any effect other than requiring users to type in or bookmark a different URL?
Federation combined with keeping the historical federated data consistent is certainly a bitch. We can't have it all. It could be like email that only handles delivery at any point in time and history is purely local, but Mastodon specifically keeps the federated data public. Propagating the change on the historical data to the federated instances would be nearly impossible. I don't see how it could have been done better without sacrificing something else.
We (via the ICANN, see below) actually have the power to do that. The .af TLD only works because the root DNS servers delegate the .af TLD to the Afghan nameservers. As soon as we stop doing that, they are powerless.
And as a bonus, the ICANN could set the nameservers to OpenNIC's, setting a precedent for a more public ownership of the Internet. But somehow I highly doubt they would ever do that...
Edit: I did what I documented here to do, and here is the (automated) answer from the ICANN:
Dear [name],
Thank you for contacting ICANN Contractual Compliance.
Your complaint involved a domain name registered under a country code top-level domain.
Please note that ICANN has no contractual authority to address complaints involving country code top-level domainsย (ccTLDs), such as .us, .eu, .ac, or domain names registered under a ccTLD (e.g. example.us, example.eu, example.ac). ICANN does not accredit registrars or set policy for ccTLDs and has no contractual authority to take compliance action against ccTLD operators. For inquiries and issues involving ccTLDs, you may wish to contact the relevant ccTLD manager using the contact details atย https://www.iana.org/domains/root/db. This page will also help you determine which top-level domains (TLDs) are country codes (outside of ICANNยs scope) and which ones are generic (within ICANNยs scope).
Please note that responses to closed cases are not monitored. Therefore, if you require future assistance or have any questions regarding this case that is being closed, please emailย compliance@icann.org. if you have a new complaint, please submit it atย http://www.icann.org/resources/compliance/complaints.
ICANN is requesting your feedback on this closed complaint. Please complete this optional survey here.
ICANN is going to become a UN agency before they kick out states as stakeholders. Their status, though, is not derived from that but by silent agreement from the ISPs handing out servers following ICANN's root servers as default, they'd have to fuck up quite badly for that institutional inertia to change, and any replacement on that level is absolutely bound to respect ccTLDs as control over their own ccTLD is a national security issue for all states, and push come to shove they'd legislate that domestic ISPs have to hand out servers that respect at least their own ccTLD.
And there's nothing wrong with that. Plenty of letter combinations to choose from especially now that there's vanity domains. If this was the early 2000s e.g. lemmy.world would simply be lemmy.net.
US states don't have registrars (four cities do however) and even .us is pretty much only used for domain hacks vs. a lot of TLDs that are actually used to identify country (which I've seen a few people criticize Americans over, but while I don't think it had anything to do with privacy as much as Americans just getting used to everything being .com, I think that's ultimately a good thing.)
Ultimately each country makes the rules for domains under its top level, for those that are named for the country, like .af for Afghanistan. Everything about the instance is intact and can be moved to a different domain.
@zoostation@i_have_no_enemies Indeed, choosing .af was a bad idea for a LGBT service. But there are other bad choices (people registering names under .social without reading the fine print, which says, among other things, that some lobbies can easily take down domain names) https://www.eff.org/fr/node/96673
@GossiTheDog Since the authoritative name servers still reply; you can also ask the #DNS resolver administrator to forward requests for queer.af to kiki.bunny.net and coco.bunny.net.
did not know they can control domain names,
is it possible to deny them that request? why did maston comply with them?
@i_have_no_enemies Almost every Internet activity start with a #DNS request. So, DNS is often (ab)used for political goals.
Also, domain names are organized in a tree so if you control a domain (in that case .af), you also control all names underneath.
There are social networks that don't rely on the DNS but they have other issues. In the mean time, take DNS seriously and choose your domain name with care.