0) The actual intersting part of a new TLD can be growing reputation by post-facto taking away a domain without recourse in case of squatting. Instead of adversarial takedowns (which produce false positives as noted), let anyone challenge an inactive domain in the first year or two.
1) If they can figure out a mechanism for moving a domain from "assigned" -> "squatted".
2) Domain must match (or derive from) a verified identity - e.g. your domain is a hash/slug of your government ID. Makes squatting structurally impossible because you can't claim someone else's name / gov (Sign in with passkeys linked to a national ID).
3) Proof of human effort, reduced with time - require periodic renewal with proof-of-use (DNS TXt updates, through a flow hard to automate).
4) Kill speculative market - domains are non-sellable and non-transferable - always go back to the free pool, and stay there for 30 days mandatorily.
Some mix of these could be the right structure for a trule high-reputation, free domain.
> You cannot transfer ownership killing any value you added
I think this is by design. The domain should be for personal use - hence free.
I remember publishing a website for a class on my .tk domain, the teacher couldn't open it and I almost got a failing grade because of it.
I don't get how you get to be an IT teacher without knowing the most basic troubleshooting steps to get assignments to run.
Most universities are unethical shitholes that can do basically whatever they want to gatekeep a diploma.
pretty strict and apparently the Minister of that agency doesnt care that .af is a domain hack for “as fuck” in the west
Not enough allowance to fund a .com domain, had to use freenom / tk + cloudflare for my first years of self hosting
In the mid 2000’s, I moderated a domain name discussion forum in exchange for free hosting. “X forum posts per month = x gb of bandwidth”
My goal was to post enough for them to give me WHM access so I could try to resell it.
Those were the days.
I once mailed $70 cash (multiple months of allowance) to someone to code a MVP of something I wanted to build.
They ripped me off and disappeared.
And… that’s when I decided I needed to learn to code!
My parents were not happy when I told them I sent cash to a stranger. I remember having to do it in secret because they were very not okay with the idea that you can meet strangers online. Hah.
I think reason is I went to work, slung .NET and didn't think much about computers otherwise except occasional reading some C++ books for "fun".
In brief, I think they aim to solve the most important needs for online identity-gated services in a maximally private way.
For instance, I'd like to see .self offer the following: a single domain to any person in the world with identity blinded. I can imagine two 'tranches': say xxx.v.self for 'verified' and xxx.u.self for 'unverified'.
Both would use a Zero Knowledge proof to confirm they had not already registered a domain; verified would register with you guys or a data broker some PII in case it was needed for verification / checks / etc, while unverified would maintain the promise of one domain = one person, but not allow the TLD or registrars to be able to unblind which person it is.
Use cases like this would be really fantastic. And, obviously could be tested out and tried on a normal domain name while you make your pitch, and put in for the auction / however ICANN is currently managing TLD launches.
I wish the Vega people had oriented their work around general-purpose zkVMs instead of application-specific ZK circuits. The latter is a fleeting efficiency win; the former is a permanent flexibility advantage. ZK-based privacy advocates shouldn't over-index on proof performance on today's systems when zkVM systems have been making multiple-OOM performance improvements over the past couple of years.
IOW, with Nova, the Vega people are trying to do something very clever (just as the BBS+ people are trying to do something very cleaver) that general-purpose compute wins have made unnecessary.
Something like RISC Zero will let you run arbitrary Rust code under zero knowledge in a few hundred milliseconds with little fuss. Nobody appreciates that identity verification is one special case of a vast set of useful applications enabled by widespread adoption of a ZK compute platform.
RISC Zero is useful for crypto use-cases: Other people need to verify an exact program was run.
The identity use case is about connecting sources of trust (document issuers) with consumers of that trust ("this is a real person") in ways that don't release more than the minimum information required ("the passport office has signed that this is a real person so we can trust that").
Single purpose circuits make a lot of sense for this - there is just no need to a full ZK RISC-V VM for this use case.
> Everyone entitled to a subdomain at no cost
How are you going to pay for the (substantial) cost of running a TLD without registration fee revenue? Is this a loss leader for other services? Are you operating on a 100% donation model?
> No parking, squatting, or reselling
How do you plan to tell the difference between a parked/squatted domain and one in legitimate use but offering no public-facing services?
We plan on operating the domain as a public good and are actively seeking sponsors to help fund us. Think of it as a similar model to ISRG and LetsEncrypt.
> No parking, squatting, or reselling
Our rule of one person per subdomain will hopefully prevent this at scale, though it will admittedly be more difficult to examine any particular domain so closely. We may have to implement some type of heartbeat where the owner of said domain has to respond within a certain amount of time.
In that case it was started by an institution (mozilla) with a lot of heft in the area (mozilla's CA program is one of the most broadly used) and was backed by other orgs (google) that had a vested interest in it's success. I'd be interested to hear which potential sponsors you see in a similar situation here?
> rule of one person per subdomain
What is the plan to (without costly overhead or cost to the end user) validate who is an actual person? Even large corporations with loads of resources have problems with this without resorting to treating it as if a person equals a credit card number.
We are reaching out to companies who operate in the self-hosted space, academia, ISPs, registars, as well as digital rights orgs. We believe they would be aligned with this mission and ultimately benefit from such a TLD existing!
> What is the plan to (without costly overhead or cost to the end user) validate who is an actual person? Even large corporations with loads of resources have problems with this without resorting to treating it as if a person equals a credit card number.
There are a few emerging technologies we are evaluating to help with this but have not settled on one just yet. Whatever we choose, we will start small and go from there. Worst-case scenario, we start with the credit card approach and iterate. This will ultimately all be a part of the evaluation process we go through with ICANN.
---
To stick with your comparison: when letsencrypt and ISRG launched they had actual answers for how to deal with the hard challenges in their space:
A) how to get included in a trust roots (crossigning with IdenTrust at first and the knowledge and expertise of how to get included in the longer term)
B) Automated domain validation in a standardized way (ACME)
C) Long term commitments of sponsorships to ensure people could trust it would stick around
---
I wish you the best of luck, but I think this might have needed to bake a bit longer before publicizing.
Might be good to know that even in the US this approach would only work for ~50% of people, since a lot of people don't have passports. In most countries this does not work at all, since they don't issue NFC enabled ID/passports.
Is it actually a substantial expense? The TLD itself only has to publish the nameserver records, which generally have a TTL of about a day. A DNS response is a few hundred bytes. Big DNS providers like Google and Cloudflare would make requests for every actively used domain every day, but then cache them. Smaller providers wouldn't cache as well but also wouldn't each request every domain every day. For e.g. a million personal domains, ballpark estimate is somewhere in the few TB a month of traffic. Maybe a little over personal hobby project money but definitely not outrageous for a small non-profit organization.
> How do you plan to tell the difference between a parked/squatted domain and one in legitimate use but offering no public-facing services?
This is the easy one. Squatters buy domains because they want to sell them. To sell them they have to make it publicly known to prospective buyers that the domain is available for sale. So then if anyone lists the domain for sale anywhere, you make them prove that they own it (which any actual buyer would also have to do in order to not get scammed) and when they do the domain is forfeit.
It's kind of sad that we don't do that for all domains. Domain squatters can go to hell.
Also, who is paying for the reduced fee, administrative and infra costs? And have you actually submitted gTLD application, or are you trying to crowdfund? Unclear to me.
I’m guessing, if designed well, the registration process could run on lightweight infrastructure. Maybe $1-5k total per year, not counting time. So it’s enough for a fun hobby project.
Having said that gestures to the entirety of the internet
So maybe not such a big deal.
However, perhaps more relevantly, it isn't clear why this needs a TLD and all the hassle associated with a tld when it could just as easily be attached to any convenient domain name lying around that you have access to, such as, oh, say, onmy.cloud.
Then again I have this objection to almost all TLDs. But I'm not sure I'm wrong.
At the very least if you want to show ICANN that you mean business I would strongly suggest just doing it on onmy.cloud, and tell people that if you get the .self you'll transparently migrate their onmy.cloud domain on to .self when you get it. Nothing says "I can do this" like actually doing it.
Regardless, a UUID is probably the right call. It doesn't help with memorability but it's at least more stable than an IPv4/IPv6 address and can be hard-coded. I wonder if you would get a full zone or if it's just an A/AAAA record given their broader goals of email and VPN tunneling.
https://www.iana.org/domains/root/db
Is this just an idea at this point, or some kind of "you have to use our DNS to resolve .self domains" scheme - ?
Inb4 they give away .docx
(Yes, the domain "readme.md" exists. Fortunately, whoever owns it is not using their power for evil and does not have any webserver there... but I'm not risking it.)
Cloudflare offers this now (their Pay to Crawl service) but its not geared towards every human getting paid for their content. As of today Facebook and other social media platforms profit from our content....not us!
- Centralized authorities for IP & DNS assignment? You (+anyone else you can convince) can just ignore that and it'll work in your bubble anyways!
- No centralized authorities for IP & DNS assignment? You (+anyone else you can convince) can just ignore that and it'll work in your bubble anyways!
My above pedantry aside, the article is explicitly about "The Internet" (it's even using the capital "I" oft forgotten about these days). I.e. the worldwide bubble which has centrally controlled assignment via ICANN/IANA, separate from other systems using the DNS/IP protocols. That's why it talks about ICANN and why bananamogul mentioned .self has not been centrally registered with IANA yet.
If this is supposed to be human-centered, why isn't it .human? I assume there will be many agents with their own ".self" domains that have very little human oversight.
write.it.your.self
think.4.your.self
written.by.my.self
dancing.with.my.self
reference.self
interest.self
pleasure.self
gratification.self
b.true@to.thine.own.self
touch.a.touch.a.touch.a.touch.me
If it has both, it will be squatted to uselessness, and blocked everywhere because of phishing scams everywhere.
You can either make the domains cost money, which seems counter to the entire point, or disallow choosing the domain, instead handing out free what3words style names.
I suppose this will be done by ID verification, which is a complete and total non-starter for me, but they do have a vision of some kind.
Will there be any assurance that renewal prices will remain fairly stable, rather than being significantly raised after customers grow attached to their domains (a practice that seems to be common with new gTLDs)?
They're allowing comments and obviously the first thing there is a scam.
No way any goodwill on the Internet is going to prosper. Not anymore.
It’s weird when sites have invalid email checks.
That all the cool 2-letter TLDs are designated as country codes was an extraordinary mistake that will have unpredictable and devastating consequences long into the future.
It's a commons-pollution problem. Are we going to have to start thinking of every word with a dot in the middle as a potential name? IMHO, a new gTLD is justifiable only when there's some concrete differentiator attached to it, e.g. .local indicating mDNS, or .it indicating "Italy"
What value is there in "horse.horse" being something you can resolve with DNS? What value does <something>.self give me, as a reader, that <something>.name or <something>.me or any of the other zillion variations on the same idea doesn't?
If anything, it creates confusion! "Oh, I met Bob McBobFace. Is he mcbobface.me? mcbobface.name? mcbobface.local?".
I have no objection to providing people with free subdomains under whatever assignment scheme you guys are using, but wouldn't <something>.net have worked too, and been a lot cheaper?
I guess I just don't get the value to the public of increasing the set of dotted word suffixes that indicate that a word is a a cognizable DNS object.
So the new gTLD round is open right now, we're getting more TLDs whether we like it or not. Our goal is to make one that has features built-in which cater to the self-hosting use case. So that is our key differentiator, that every endpoint leveraging our TLD should be someone's small-scale homelab setup.
> I have no objection to providing people with free subdomains under whatever assignment scheme you guys are using, but wouldn't <something>.net have worked too, and been a lot cheaper?
Technically yes it could work, but given the suite of features we'd like to build into our TLD, it would make things more difficult if we didn't own it. We would be dependent on external parties for our root domain, the root of trust for TLS certificates, all users' subdomains would have an extra dot etc.
Everything else on your roadmap could have been built and shipped in the universe that exists, and then if down the road it's working, you could have aimed for your own TLD.
Instead you're putting the TLD first and any of the actual functionality that end users might want afterwards.
The marketing stuff makes it look like the TLD is your main focus.
Even gTLDs using other languages, like .kaufen, are under US jurisdiction. A German website selling to German customers using a .kaufen domain is forced to abide by US law as well as German law or loses the domain. Using a .de domain they would only have to abide by German law. That's unfair that the US government gets to stick its grubby fingers into every TLD that isn't a country code.
You're right in a sense, but the US invented the internet, so they get to invent the rules, no?
However .me (https://namegulf.com/tld/cctld/me) is a ccTLD managed by the Government of Montenegro, they set their own rules
.zip .pdf .mp3
I'd like to thank Caribbean island of Anguilla for having a ccTLD that helps identify which websites aren't worth your time in one quick look.
> - Everyone entitled to a subdomain at no cost
One subdomain, or one subdomain? Would I be entitled to something like "pavel.hosts.self"?
How/Why is this linked to a TLD and not a hosting provider ?
DAVID UNGAR (ungar@self.stanford.edu)
Computer Systems Laboratory, Stanford University, Stanford, California 94305 RANDALL B. SMITH† (rsmith@parc.xerox.com) Xerox Palo Alto Research Center, Palo Alto, California 94304
Abstract. SELF is an object-oriented language for exploratory programming based on a small number of simple and concrete ideas: prototypes, slots, and behavior. Prototypes combine inheritance and instantiation to provide a framework that is simpler and more flexible than most object-oriented languages. Slots unite variables and procedures into a single construct. This permits the inheritance hierarchy to take over the function of lexical scoping in conventional languages. Finally, because SELF does not distinguish state from behavior, it narrows the gaps between ordinary objects, procedures, and closures. SELF’s simplicity and expressiveness offer new insights into objectoriented computation.
To thine own self be true. —William Shakespeare
https://bibliography.selflanguage.org/_static/self-power.pdf
Edit: I've been rate limited because of this comment, apparently. Account burned - will make a new one. Dang says below it's because of flagged comments but I don't see many flagged comments in my history.
We rate limited you because of flamewar comments you posted in another thread, like this one: https://news.ycombinator.com/item?id=48723651. You posted over 50 times in that thread, and many of your comments there broke the site guidelines. That's abusive. If we didn't rate limit accounts for doing that, we might as well have no guidelines or restrictions at all.
> We do not recommend use of unregistered top-level domains at all, but should network operators decide to do this, the following top-level domains have been used on private internal networks without the problems caused by trying to reuse ".local." for this purpose:
.intranet.
.internal.
.private.
.corp.
.home.
.lan.