Remember when the .tk TLD became free 20 years ago ? Every hobbyist took one, then scammers followed, then Facebook and antiviruses started blocking it.
I remember publishing a website for a class on my .tk domain, the teacher couldn't open it and I almost got a failing grade because of it.
A friend almost failed an IT class because his website didn't render at all in IE6. This was during the time of IE9. The teacher just hadn't updated their browser in a long time.
I don't get how you get to be an IT teacher without knowing the most basic troubleshooting steps to get assignments to run.
I left community college after a week because my "computer" teacher required us to change our monitors to 640x480 and print out ever step that we completed in things like Notepad or Configuring the Desktop and then every day we'd punch it out and would add it to a three ring binder of all the things we've done.
I took a computer class in college (like 25 years ago now?) and corrected the teacher multiple times every class. And it was like 95% things that were in the book that was issued, so I could even point out the page it was on. It was absolutely embarrassing.
In college I one year had a physics teacher who refused to believe that you could hear the harmonics of a guitar string simply by lightly touching the string at the right place, e.g. in the middle (12th fret) to hear the octave. Nothing could convince him that this was possible.
That year was when several of us spent a good part of the week bowling in a nearby bowling hall, either because we didn't have to take the class (the curriculum was years behind what we had already done before college), or the teachers were so incompetent that there was no point attending.
Fortunately the other educational years (everything after middle school, that year excepted) were great though.
if i may rant, my middle school and high school aged kids have to literally take pictures of their homework assignments with their chromebook camera then put it the pictures in a google slides deck then submit the deck through a form all to just turn in their paper HW assignment! ridiculous.
Heh…I once was in a state-level coding event (it was a small portion of a larger competition) where half of the test was turning in code on a CD during the competition, with the written half during the event. My CD was deemed unusable for whatever reason (it had worked on XP and Fedora 6 or 7 at home) and didn't count towards my score. I still got second in the event. I declined to continue because I couldn't trust that the judges would be able judge my submission fairly and that with half of my score missing I still got second that I didn't need to prove anything else at the cost of more after-school practice hours and wrecking my perfect attendance record during my senior year to travel to nationals.
Perfect attendance is not a good goal to aspire to. Kids force themselves (or get forced by parents) to go to school while sick, which is probably bad for their health and also risks everybody else's health.
I dropped out of college (the UK version, I guess equivalent to senior high school in the US) shortly after discovering that the final assessment of my Computing project would be performed by the examiner reading a printed version of the source code, without ever executing it, because the exam board were so scared of examiners computers being destroyed.
When was this? If this was before virtualisation was common I can maybe understand that but any time in the last 20 years is pretty dumb and the last 10 so braindead I question if they would've been able to judge things properly
Oh this was in 2000, when virtualisation was only just becoming accessible so I can get of get the justification. It still made the entire exercise in writing some software feel pointless when I knew it would never get executed by anyone but myself.
Reminds me of Lord Vetinari from Discworld, reading sheet music instead of listening to adulterated performances by fat sweaty men squeezing the music through some tubes.
Executing the code in your head removed from the nuances of hardware, CPU architecture and compiler versions seems like a virtuous pursuit (?)
Does high school attendance matter for anything? Genuine question. Always seemed like pre-college schooling always wanted you to think everything was more important long-term than it really was.
Many states pay school districts based on attendance.
Attendance typically correlates with classroom success.
Attendance avoids truancy proceedings.
One of the kids in my elementary school got a hat for perfect attendance through 6th grade.
I've never seen attendance shown on a transcript though, but you could fill some space on a resume with it, especially if you have the hat to show for it.
...attendance? I landed a spot in likely the best economics uni in Poland while having 52% attendance in my final HS year, out of which perhaps 10% of the absence was due to illness.
It all depends on the country and the local rules, which can also change from year to year. Attendence didn't matter much, if at all, in my day, but right now it matters. Extremely so. Student's couldn't, until this year (when this was finally revised) even visit the school nurse without getting a "no attendance", which would count negatively with respect to the mandatory attendance requirement for advancing further. And even for receiving the common stipend.
It goes in your permanent Record Of Achievement! I was always told that this would be very a very important set of documents once I left school, and I am sure that I have no reason to doubt their statements!
Not really, but you can get in trouble for truancy if it becomes a big problem (where I'm from, that was 3 unexcused absences or any absences without a doctor's note after 10. In practice, however, this wasn't that enforced)
I assume this was at a highschool and not at university? My IT teacher in highschool was the chemistry teacher, because.. he knew how to use Word, I guess?
He knew we were computer nerds so didn't really care about teaching us (we knew more than him anyway). And we didn't mind that he just sat there drinking coffee and reading a book, as it meant we could just play videogames for an hour. Good times.
Teaching is rewarding which is why people do it, but you're asking them to take less pay for what is often a harder job - convincing kids to learn something when they have dozens of other things competing for their interest. The math aligns on the side with the teacher having the knowledge you would expect in this scenario - with a fair number of teachers not as much knowledge as one would hope they would have. On the students side, if they are bright then this is a soft-skill learning opportunity - how to navigate knowing more than your superior to the benefit of you both.
Surely you could have made essentially the same point without regurgitating one of the most perniciously derogatory lines ever concocted to describe teaching?
All of the market forces you describe are real, but they are partly sustained by cultural templates that make teaching a low-status job among those with technical qualifications and lead to an assumption that every teacher is either (a) internally motivated and doesn't "need" competitive compensation or (b) a washout from a more prestigious track and doesn't "deserve" competitive compensation. This affects administrators, policymakers, voters, and teachers themselves, giving us the status quo where teachers are paid and treated like shit (ask a K-12 educator about the most psychotic parent they met this year and whether admin had their back) so that even many people who love teaching gradually evaporate out of the field if they can.
I suppose I'm not even arguing that the material result is much different than you describe it, just that it's lazy, amoral thinking to frame it as a market quirk or the immutable nature of teaching rather than a slow-motion sociocultural trainwreck over which we can exercise some iota of agency. (One such iota might be to simply not say "those who can..." in earnest ever again.)
Dreamweaver was cool as a beginner because it took a lot of the troublesome parts out of the equation. But it did end up being more of a hindrance than a benefit the further you went in.
I never understood Dreamweaver. The first thing it asked me when making a new website was ... what the resolution of my user's screen is? I don't know that!
Its web development software from the 90s/00s, a period when websites were built by first having a designer meticulously mock everything up in Photoshop on a 640x480 canvas (maybe 800x600 or 1024x768 in later days), that mockup would then be handed over to a web developer (hi, that was me) who would take that mockup, slice it up into a billion little images, and then put them in a wildly complex set of nested HTML tables. The designer would then have a look over it and provide critique on the fact some element was 3px misaligned, or the font size was incorrect.
During this period I was berated by our studio lead for using new fangled technologies like CSS layout that could adapt to different sized screens instead of sticking to the trusty HTML soup Dreamweaver would spit out.
There was a ton of... not exactly footguns, just things to keep in mind if you’ve wanted your site to work as you intended in all browsers. The webcompat nowadays is way better now.
That said, personally I’ve never understood Dreamweaver either. By the time I tried it, I’ve already got used to Notepad++ and writing HTML by hand, so I’ve just treated it as another text editor... and IIRC it just felt way more laggy than Notepad++, with a browser preview panel that took half of my 4:3 display. Maybe I’d discover some cool features if I’ve spent some more time in it? I dunno.
> HTML at the time was intended as an application of SGML
Worse, it was an extended superset (ha!) of SGML. At least 20 years ago, SGML::Parser would reject some valid HTML documents.
That said, it was really easy to type correctly in a text editor (especially compared to actual SGML), particularly one that indented and matched tags for you.
Just like AI vibecoded websites... Good luck understanding the code when the AI bubble explodes and you can't afford the insane price that AI will have by then.
When I had web design a bit after 2010, they still used Dreamweaver and yeah you could get a license for free via the university. That’s pretty normal (eg giving you a Visual Studio license, Office, all that). It was more crazy that the course was so incredibly basic (nothing more than static page building in dreamweaver) at this college compared to the other one I later transferred to
Please. Universities have students by the short and curlies. They can academically do basically whatever they want, and fail you for not complying. Professors can even demand their book be purchased, and fail for not buying the book.
Most universities are unethical shitholes that can do basically whatever they want to gatekeep a diploma.
What they did say is that the school sometimes fails students to get more money — supposedly implying that this was not because they did not meet the passing criteria.
This does not preclude failing students when they deserve it.
It is ok to question of what makes them believe they would have passed the exams without this financial motivation for the school, but they were pretty clear IMO.
Western Governors University. Online 4 year degree. Classes are passed when you pass the "high stakes" (read: proctorio test). This means if you know the material, then you can pass a class in 1 day.
HOWEVER, when you do your final test, they only tell you pass or fail. They do NOT show you what questions you got right or wrong. If you fail, you have to wait 5 days and go through professor hoops. Of course, you naturally never actually talked to the prof. Its all online through ZyBooks.
But WGU benefits on failing people, and by hiding what you failed at. Because the longer you attend, the more they charge. Their response is basically "Get Gud Scrub but we're not gonna tell you how".
During the time of Internet Explorer 9, it was surprisingly common for people to still be using Internet Explorer 6. This was often out of their control, for instance if they had intranet sites that required Internet Explorer 6, or if they were stuck on an old version of Windows because they had outdated hardware.
Later versions of Internet Explorer had compatibility mode, but it often wasn’t enough to get things working, especially if there was ActiveX involved or the security policies were restrictive.
Schools were especially prone to this due to their limited budgets among other reasons, and IT teachers weren’t normally the decision makers who could do anything about it. You shouldn’t assume that a random IT teacher had the authority to spontaneously upgrade a school computer that needs to be used for things besides that one student’s assignment.
I will, however, assume that an IT teacher has the ability to recognise, "this isn't working because I'm using an ancient browser". If the teacher is completely unable to use a less ancient browser, the requirement for the project to work on IE6 should be clearly stated, which it was not.
However in this case, my friend just helped the IT teacher install Google Chrome on his computer and showed that the site rendered fine there. I don't know what sort of policies were in place but there were evidently no technical measures implemented to prevent people from installing a modern browser.
I think your friend might have used portableapps.com, they offer many types of browsers . These programs are packaged to install under a restricted account, without requiring admin rights.
Tenure. Or at least that was my experience with my comp sci teacher who required that we gave him printed out programs for our homework and then tossed them into the trash while making eye contact with you and gave you a grade later.
The schools admins told me he had tenure so there was nothing I could do.
Didn’t take me a whole year before I switched majors.
I always thought these TLDs were a flight risk to be used in any serious capacity. What if the random state decides you/your business are in violation of [whatever] and kick you off?
The owners of `queer.af` thought that AF only meant “as f*ck”, without realizing that AF also happens to the be the ISO 3166 code for a country controlled by the Taliban, who didn’t like their domain name [1].
Brits that had `.eu` domains lost their domains due to Brexit [2] (unless they had some other EEA ties).
And if the Chagos deal goes ahead [3] and the British Indian Ocean Territory ceases to exist, then all `.io` domains might disappear too (although considering that `.su`/Soviet Union domains are still a thing, they probably would have stayed around).
Assuming the British/American air base remains on some agreement with the Mauritian government, then the Chagos Islands may remain as a special territory of Mauritius, justifying the continual existence of an ISO 3166 code for it.
Those were the days indeed. A big part for me is probably because I was a teen at the time with little responsibility, but getting to be a part of the wild west days of the internet was a magical experience.
Somewhere out there is a developer telling this exact same story. ‘I once agreed to build an MVP for a kid who promised to mail me cash. Never showed up. And THAT’S when I decided to get a real job.’
Except I mailed the cash in advance! It’s okay, it was probably another 14 year old.
My parents were not happy when I told them I sent cash to a stranger. I remember having to do it in secret because they were very not okay with the idea that you can meet strangers online. Hah.
Probably: I similarly go back to 2400bps modems (9600 and 14400 when dial-up internet showed up here — 33.6k was the time of soft/winmodems other than the ultra expensive US Robotics ;)), and I skipped the .tk domains too — probably already employed and in possession of 10 .org/.net domains by then.
I remember that. The one thing I would add is I think the usage was much more general purpose. "Free stuff" sites were a big deal and huge source of traffic and .tk was widely shared on those. You could have a banner with ads and have the domain for free.
In brief, I think they aim to solve the most important needs for online identity-gated services in a maximally private way.
For instance, I'd like to see .self offer the following: a single domain to any person in the world with identity blinded. I can imagine two 'tranches': say xxx.v.self for 'verified' and xxx.u.self for 'unverified'.
Both would use a Zero Knowledge proof to confirm they had not already registered a domain; verified would register with you guys or a data broker some PII in case it was needed for verification / checks / etc, while unverified would maintain the promise of one domain = one person, but not allow the TLD or registrars to be able to unblind which person it is.
Use cases like this would be really fantastic. And, obviously could be tested out and tried on a normal domain name while you make your pitch, and put in for the auction / however ICANN is currently managing TLD launches.
It is good that Microsoft Vega is popularizing zero-knowledge identity-based attestations. It's unfortunate that they're doing so in a relatively inflexible way.
I wish the Vega people had oriented their work around general-purpose zkVMs instead of application-specific ZK circuits. The latter is a fleeting efficiency win; the former is a permanent flexibility advantage. ZK-based privacy advocates shouldn't over-index on proof performance on today's systems when zkVM systems have been making multiple-OOM performance improvements over the past couple of years.
IOW, with Nova, the Vega people are trying to do something very clever (just as the BBS+ people are trying to do something very cleaver) that general-purpose compute wins have made unnecessary.
Something like RISC Zero will let you run arbitrary Rust code under zero knowledge in a few hundred milliseconds with little fuss. Nobody appreciates that identity verification is one special case of a vast set of useful applications enabled by widespread adoption of a ZK compute platform.
RISC Zero is useful for crypto use-cases: Other people need to verify an exact program was run.
The identity use case is about connecting sources of trust (document issuers) with consumers of that trust ("this is a real person") in ways that don't release more than the minimum information required ("the passport office has signed that this is a real person so we can trust that").
Single purpose circuits make a lot of sense for this - there is just no need to a full ZK RISC-V VM for this use case.
RISC Zero verifies that an exact computation was performed. What would be the point of the system otherwise? If you're starting from this incorrect premise, you're going to arrive at an incorrect conclusion.
> Single purpose circuits make a lot of sense for this
No, they don't. They lock your system into a single set of trade-offs without an advantage to offset it. They're premature optimization. How do you think ZK systems can be made resilient to cloning attacks without hardware locking if your ZK vocabulary is limited to stupid BBS-style selective disclosure and nothing else?
Can you talk more about RISC Zero? Does it require a TEE of some sort? I had trouble finding a quality mid-detail spec of how it works; lots of marketing materials basically.
zkVMs (of which RISC Zero is one example) do not require a TEE. That's the whole point: the privacy properties come out of the math. Basically, nowadays, once you and I can agree on the text of a program, you can run the program on your private inputs and produce a number that proves to me that you actually ran this specific program and not some other.
For example, age verification: I can run a program that takes a signed time-stamp and an officially-signed birth certificate and produces a yes/no "over 18" boolean, then prove to you I actually ran this program, not just "return true", but WITHOUT revealing the birth certificate.
It's a really neat facility that too few people are thinking about. We've had zero knowledge systems for a few decades now, but until now, each one has been a special bespoke mathematical object that would take years to develop. Over the past year or two, we've 1) made the things 1000x faster, and 2) made it possible to write arbitrary code under zero knowledge instead of having to make each ZK system a PHD thesis.
Others say that zkVMs are pointless because they're less efficient than these bespoke mathematical objects. Yes, they are. So what? The flexibility is worth it. Others say that zkVMs came out of Etherium, so they're only good for "crypto" stuff. False. Sure, it's the Etherium people who did a lot of foundational research into efficient zkVMs. We owe them a debt of gratitude, because they made a new kind of CS object that's going to be useful for tons of things not tied to Etherium or web3 in any way.
Anyway, if you want to get a feel for fully programmable ZK systems, check out https://noir-lang.org/, a programming language for ZK programs (not a zkVM, but same UX). Or https://github.com/a16z/jolt, which lets you run normal Rust under zero knowledge.
Today, you can write normal-looking code and have it execute under zero knowledge, and, importantly, efficiently. You literally couldn't do this two years ago, and it changes everything.
What does require a trusted computing platform, however, is ensuring that the same program isn't being executed millions of times per second to send millions of different ZKPs to different parties.
ID verification is not enough, you also need some way to prevent one malicious user from re-selling the same ID to millions of others. Without ZKPs, you know what document the user is trying to sign up with, so you can rate-limit that document. With ZKPs, however, you need those rate limits to exist somewhere else.
Please get in touch with us via our contact form, we will need collaborators of all kinds and the human validation problem is going to be the hardest technical challenge to solve. We could use your help! https://hccf.onmy.cloud/get-involved/
The "one free domain per person" isn't the interesting part really - that will be hard to police unless domain name is a function of ID proof (avoids squatting).
0) The actual intersting part of a new TLD can be growing reputation by post-facto taking away a domain without recourse in case of squatting. Instead of adversarial takedowns (which produce false positives as noted), let anyone challenge an inactive domain in the first year or two.
1) If they can figure out a mechanism for moving a domain from "assigned" -> "squatted".
2) Domain must match (or derive from) a verified identity - e.g. your domain is a hash/slug of your government ID. Makes squatting structurally impossible because you can't claim someone else's name / gov (Sign in with passkeys linked to a national ID).
3) Proof of human effort, reduced with time - require periodic renewal with proof-of-use (DNS TXt updates, through a flow hard to automate).
4) Kill speculative market - domains are non-sellable and non-transferable - always go back to the free pool, and stay there for 30 days mandatorily.
Some mix of these could be the right structure for a trule high-reputation, free domain.
Sounds like a bad domain for self hosting. You have to update txt records randomly and your domain can be taken for whatever reason. Whatever value you build goes away if you are inactive. You cannot transfer ownership killing any value you added.
Hence the "in the first year or two". Some more human effort to showcase proof early on, then the domain is solidified for you like iwth any other registrar. This is something like captcha/bcrypt - a single instance isn't a burden, but doing it at scale is costly.
> You cannot transfer ownership killing any value you added
I think this is by design. The domain should be for personal use - hence free.
Exactly this, the goal is to design a TLD according to human-centered principles. That is, we are assuming (and enforcing) that every endpoint using this domain will be some relatively small-scale environment for personal use. This is what will allow us to provide a lot of neat functionality but only at that scale.
Trouble is that we live in an ecosystem, and "hoard the maximum you can defend, not the minimum you comfortably need" is an optimal behaviour emergent from the system.
An ecosystem with an under-exploited niche will eventually produce the behaviour that fills the niche. It's a self-optimizing system. None of this is fundamentally escapable as long as we are living organisms competing for finite resources.
These ideas are gold! Thanks for sharing. I'm gonna noodle on an unholy mix of 2) and 3) since my dynamic DNS provider just asks that you login once every 30 days and a hash of a (valid) state ID or DL would be an acceptable burden I feel for issuing a domain (or subdomain even).
The much simpler way to avoid squatting is to make .com domains cost $200 a year. This will instantly end the vast majority of domain squatting on the .com TLD and if people can easily get the .com they need for their business then the other TLDs are not going to have much squatting activity.
> The much simpler way to avoid squatting is to make .com domains cost $200 a year
A monopolist hiking prices to this extent will likely see legal action against them. That's a 20x increase you're proposing.
It's also unlikely to have a material effect. .com used to cost $75 a year back in the day, and that didn't stop squatters, and high value domain transfer sales. $75 in 1990s dollars is about $150-$190 today.
the most fair distribution for limited sought-after resources that are inconsequential (like domain names) are raffles. let people apply in a 4-week window and then randomly assign it to one of the applicants.
then don't allow reselling, just allow giving it back and do a raffle again
We can get creative. quick ideas: Send it by printed post. pass it around people to people. an email needs to be added in with some process, and can only get one TXT update value a week.
Many ways of adding friction to obtaining the updatable value - which a human owning a domain would be happy to do, but a squatter would not want to.
that's how one of my local companies tries to force clients in. They removed auth code from their web panels and introduced complex snail-mail procedure.
That was clear signal to run, but it took me 6 months to do just the domain transfer.
#2, name matching valid government ID excludes trans people who have not yet legally changed their name. Same reason they can’t get a Meta Verified status, even if paying. Thanks technology for keeping things accessible to everyone!</s>
How are you going to pay for the (substantial) cost of running a TLD without registration fee revenue? Is this a loss leader for other services? Are you operating on a 100% donation model?
> No parking, squatting, or reselling
How do you plan to tell the difference between a parked/squatted domain and one in legitimate use but offering no public-facing services?
> How are you going to pay for the (substantial) cost of running a TLD without registration fee revenue? Is this a loss leader for other services? Are you operating on a 100% donation model?
We plan on operating the domain as a public good and are actively seeking sponsors to help fund us. Think of it as a similar model to ISRG and LetsEncrypt.
> No parking, squatting, or reselling
Our rule of one person per subdomain will hopefully prevent this at scale, though it will admittedly be more difficult to examine any particular domain so closely. We may have to implement some type of heartbeat where the owner of said domain has to respond within a certain amount of time.
> Think of it as a similar model to ISRG and LetsEncrypt.
In that case it was started by an institution (mozilla) with a lot of heft in the area (mozilla's CA program is one of the most broadly used) and was backed by other orgs (google) that had a vested interest in it's success. I'd be interested to hear which potential sponsors you see in a similar situation here?
> rule of one person per subdomain
What is the plan to (without costly overhead or cost to the end user) validate who is an actual person? Even large corporations with loads of resources have problems with this without resorting to treating it as if a person equals a credit card number.
> In that case it was started by an institution (mozilla) with a lot of heft in the area (mozilla's CA program is one of the most broadly used) and was backed by other orgs (google) that had a vested interest in it's success. I'd be interested to hear which potential sponsors you see in a similar situation here?
We are reaching out to companies who operate in the self-hosted space, academia, ISPs, registars, as well as digital rights orgs. We believe they would be aligned with this mission and ultimately benefit from such a TLD existing!
> What is the plan to (without costly overhead or cost to the end user) validate who is an actual person? Even large corporations with loads of resources have problems with this without resorting to treating it as if a person equals a credit card number.
There are a few emerging technologies we are evaluating to help with this but have not settled on one just yet. Whatever we choose, we will start small and go from there. Worst-case scenario, we start with the credit card approach and iterate. This will ultimately all be a part of the evaluation process we go through with ICANN.
To be honest it feels like these answers boil down to "we feel it'd be nice if this existed but we have no actual answers as to how to get it done".
---
To stick with your comparison: when letsencrypt and ISRG launched they had actual answers for how to deal with the hard challenges in their space:
A) how to get included in a trust roots (crossigning with IdenTrust at first and the knowledge and expertise of how to get included in the longer term)
B) Automated domain validation in a standardized way (ACME)
C) Long term commitments of sponsorships to ensure people could trust it would stick around
---
I wish you the best of luck, but I think this might have needed to bake a bit longer before publicizing.
Might be good to know that even in the US this approach would only work for ~50% of people, since a lot of people don't have passports. In most countries this does not work at all, since they don't issue NFC enabled ID/passports.
The "how it works" page for that website says that the ID data is "digitally signed by the issuing government". But there doesn't seem to be anything in the docs about how to get or verify that signature. So it seems like they are just asking users to trust them to do the verification.
Oh, cool! Russia is not on the list. Another service that excludes me just becasue I got lucky with the colour of my (NFC-enabled, biometric) passport.
On a less bitter note, I don’t think it’s that hard to build biometric passport validation. Face matching would be another thing, but for unregulated industries I don’t think you’ll need that, so why not grab some library from GitHub and be in control of the whole process? (You would still need to handle people without biometric passports somehow, of course.)
I'm curious about how this works, but it doesn't look like I can find out without creating an account. I see that it says "Link your existing social accounts to prove you're not a bot." How does having social media accounts prove I'm not a bot?
> How are you going to pay for the (substantial) cost of running a TLD without registration fee revenue?
Is it actually a substantial expense? The TLD itself only has to publish the nameserver records, which generally have a TTL of about a day. A DNS response is a few hundred bytes. Big DNS providers like Google and Cloudflare would make requests for every actively used domain every day, but then cache them. Smaller providers wouldn't cache as well but also wouldn't each request every domain every day. For e.g. a million personal domains, ballpark estimate is somewhere in the few TB a month of traffic. Maybe a little over personal hobby project money but definitely not outrageous for a small non-profit organization.
> How do you plan to tell the difference between a parked/squatted domain and one in legitimate use but offering no public-facing services?
This is the easy one. Squatters buy domains because they want to sell them. To sell them they have to make it publicly known to prospective buyers that the domain is available for sale. So then if anyone lists the domain for sale anywhere, you make them prove that they own it (which any actual buyer would also have to do in order to not get scammed) and when they do the domain is forfeit.
It's kind of sad that we don't do that for all domains. Domain squatters can go to hell.
Much of the cost here comes from compliance with the ICANN gTLD program structure, not from running the underlying technical infrastructure (which is not limited to DNS - you also need EPP/RDAP/etc). See https://www.icann.org/en/registry-agreements for (hundred+ page) documents outlining registry responsibilities. Registries can outsource some of this to an ICANN-accredited "registry service provider", but should expect to pay upwards of hundreds of thousands of dollars yearly for the privilege.
Most TLDs need to allow domain transfers because projects do genuinely change ownership sometimes. If you allow transfers, you allow reselling by definition (because you can't physically determine whether cash changes hands).
This isn't like tickets, where "return to pool and let an interested party buy it" is a viable strategy. Tickets are fungible, domains are non-fungible.
If the focus of this is truly on one-per-person personal domains then you don't need to allow transfers and reselling. (Although you'll probably get a grey market of people just repointing DNS to someone else anyway, because if there's money to be had someone will take it)
> Most TLDs need to allow domain transfers because projects do genuinely change ownership sometimes.
That's fine. It's not the transferring that you punish, it's the offering for sale. Good luck squatting when publishing any solicitation to sell the domain is the thing that causes you to lose it. How many domains are you going to squat on and pay renewal fees for when you have no way to let the public know you're willing to sell them that won't cause you to lose them?
> This isn't like tickets, where "return to pool and let an interested party buy it" is a viable strategy. Tickets are fungible, domains are non-fungible.
What does fungibility have to do with whether you can return something to the pool? The lack of fungibility makes it work even better, because if you want a specific domain and you find someone squatting on it, you can report them advertising it for sale. When the registry verifies that the report is true then the person filing the original report can be given first crack at the domain when it goes back into the pool.
For this application round, ICANN is running an Applicant Support Program, or ASP. The applicants seeking to apply for a TLD this round who qualify for the ASP will have a substantially reduced application fee, among other benefits. Our organization is one such org who has qualified for the ASP so we will not have to pay the full $227,000 application fee.
How much is the reduced fee then? As I understand it's somewhere between 75-85% less, which is still a lot of money.
Also, who is paying for the reduced fee, administrative and infra costs? And have you actually submitted gTLD application, or are you trying to crowdfund? Unclear to me.
The fee will fall on us to pay and the gTLD application window is open and our application is in progress. Yes we are crowdfunding (there is a donation link on our website and in the pamphlet) while also actively seeking partners to sponsor us.
If anybody is asking you "are you trying to crowdfund" and your answer is "yes,", you've clearly failed at conversion, marketing and UX design.
90+% of people who would be willing to sponsor this stuff will go "hmm, I wonder where they've taken their money from, not us I guess." Not everybody reads comments, even fewer post ones of their own.
Being on the front of HN is a great opportunity, I'm afraid you haven't used yours as well as you possibly could.
It's usually the clever cunts that try to deceive the investor by deploying an arsenal of marketing tactics. At least the organization in this case, is clear upfront.
Is it really that expensive to run a TLD? Name servers are notoriously long running on ancient spec servers.
I’m guessing, if designed well, the registration process could run on lightweight infrastructure. Maybe $1-5k total per year, not counting time. So it’s enough for a fun hobby project.
Might be a public service? I guess many countries already had such a thing with running cost several order higher than such a thing as a TLD, operating for centuries now.
Countries have the loop of "taxpayers pay government -> government funds service -> service benefits taxpayers." You can't do that if you offer the service to the general internet.
I'm just being a negative nancy here, but I don't think I'd want to advertise that any of my sites are specifically self hosted, in that it kinda asks for ... security probing, since it's more likely than not got less than professional security surrounding it.
Having said that gestures to the entirety of the internet
> The primary purpose of the Cloudflare DNS Proxy is to act as a reverse proxy that sits between your website visitors and your origin server. When enabled, Cloudflare intercepts incoming web traffic, processes it, and shields your server from direct connections.
Maybe you are not up to date on latest trends, but modern CDN purpose is to shield the origin from the public writ large.
There is more to a public web service's digital attack surface than what it looks like in a browser. Correlating and using breached passwords from someone's unrelated accounts to their self-hosted service login portals, for example.
I don't understand the naming scheme, or the apparent lack of it. I half expected it to be some sort of UUID which would at least makes sense. At one per person for 7 billion people that's a little under 33 bits. Make it a nice round 40 for a bit of future proofing (the scheme doesn't need to live forever) and to make a bit of space internally and that's 5 words from a 256-word list. That would seem to make a lot more sense then first-come, first-serve on something as easy to abuse as .self.
However, perhaps more relevantly, it isn't clear why this needs a TLD and all the hassle associated with a tld when it could just as easily be attached to any convenient domain name lying around that you have access to, such as, oh, say, onmy.cloud.
Then again I have this objection to almost all TLDs. But I'm not sure I'm wrong.
At the very least if you want to show ICANN that you mean business I would strongly suggest just doing it on onmy.cloud, and tell people that if you get the .self you'll transparently migrate their onmy.cloud domain on to .self when you get it. Nothing says "I can do this" like actually doing it.
Controlling the TLD has its own benefits and drawbacks (managing email reputation, for example) but as a regular person I have more reason to trust `.cloud` than `.self` purely on the basis of proven continuity. My `.com` domain will almost certainly live as long as the internet does provided that I keep paying to renew.
Regardless, a UUID is probably the right call. It doesn't help with memorability but it's at least more stable than an IPv4/IPv6 address and can be hard-coded. I wonder if you would get a full zone or if it's just an A/AAAA record given their broader goals of email and VPN tunneling.
This is an idea at this point, the next round of gTLD applications is currently open and we are in the process of applying and we are trying to garner support!
There are three TLDs I block on my computer completely, and all of them are file extensions - .zip, .md, and .mov.
(Yes, the domain "readme.md" exists. Fortunately, whoever owns it is not using their power for evil and does not have any webserver there... but I'm not risking it.)
I am SO tired of the Claude docs site getting a rich preview every time anyone mentions “claude.md”. At least it’s registered by Anthropic, but what a terrible decision to allow these TLDs.
there's a project for getting retro computers connected to an "internet" with 90s/00s services available, and they use .retro on that. it's pretty cute.
So this is my iCloud on the web for AI agents to pay me for access to my content (Cloudflare allows the bots in upon paying) :-)
Cloudflare offers this now (their Pay to Crawl service) but its not geared towards every human getting paid for their content. As of today Facebook and other social media platforms profit from our content....not us!
This is practically useless information (and I don't mean that in the flippant "of low regard" slang sense, I mean a literal "this information becomes irrelevant once you look at what practically applying it does" sense). E.g.:
- Centralized authorities for IP & DNS assignment? You (+anyone else you can convince) can just ignore that and it'll work in your bubble anyways!
- No centralized authorities for IP & DNS assignment? You (+anyone else you can convince) can just ignore that and it'll work in your bubble anyways!
My above pedantry aside, the article is explicitly about "The Internet" (it's even using the capital "I" oft forgotten about these days). I.e. the worldwide bubble which has centrally controlled assignment via ICANN/IANA, separate from other systems using the DNS/IP protocols. That's why it talks about ICANN and why bananamogul mentioned .self has not been centrally registered with IANA yet.
Site errored out and gave me three different error messages as I reloaded. I guess it's self-hosted on something underpowered, and dynamic where static would do the job?
We are probably going to reserve some of the more obvious ones for specific purposes, e.g. my.self automatically pointing to a homepage on your local network. As we go through the gTLD evaluation process we will be keen to solicit feedback from the community on more specifics!
States could grant such domains when individuals register their identity, for example, "klaus-mueller-<close eyes say first word that comes to your mind>.self". It runs on a VPS, and it is well documented how to create and run a website on that. School kids are introduced to it. Would be an excellent entry point into digital sovereignty for citizens.
Please leave states out of this. The State™ is not your friend, and we don't need a future, even more criminal government to have access to the shutdown button of even more of our identity.
Note that I did not single out an individual coutnry. All governments always stride towards autocracy.
It simply cannot be both free and free choice of domain.
If it has both, it will be squatted to uselessness, and blocked everywhere because of phishing scams everywhere.
You can either make the domains cost money, which seems counter to the entire point, or disallow choosing the domain, instead handing out free what3words style names.
We have considered this, all of these things will be examined during the evaluation process of the application with ICANN before any approval to operate the TLD is granted. We could also police our domain and revoke users who use it for abuse but that may be too costly. But you are right that fundamentally we must protect the reputation of the TLD at all costs and that will require imposing certain limits on its use.
You should read their proposal. Specifically, the first "core feature": one person, one domain. If you want to squat on a domain, go for it -- it's yours, and that's the only domain you're getting.
I suppose this will be done by ID verification, which is a complete and total non-starter for me, but they do have a vision of some kind.
I've read it, I don't believe it will be effective, even with actual physical ID verification. Scammers can get more IDs, for example by way of scamming.
I don't fully understand how this works... who regulates and defines what is "self-hosted" or "ethical technology"... I feel you can't really solve the distributed consensus and governance problem by just introducing a new domain suffix.
I actually think this is a really good concept.
There is no perfect solution for what they're trying to do, but I think they have most of the things covered.
Offering one free per person is nice, it can be tricky to enforce but I think doable. Regarding privacy, even right now ICANN rules require a real name and address for the domain.
This project comes at the right time when because I see a lot of interest growing towards self-hosting.
I am biased though, I've been working on on OS for self-hosting , fully open source, Debian based, no restrictions
https://github.com/malmoos/malmo
It’s not doable at all. There are millions of people that don’t need a domain but would be happy to be paid $5-10 by some random scammer to hand over their domain.
That's true. But I think it's the same case as a bad actor owning a domain for himself. They still need to do some policing so it doesn't pull down the whole TLD
This sounds great in theory, and if you're capable of managing your own DNS servers already possible for US citizens (via locality domains). Who's gonna front the cost of resolving queries for these domains WAS my question... answered by user HumanCCF above: their sponsors and individual donars will (since they plan on operating the service as a "public good" I imagine with a strong technical team they could actually do it! I wish them the best.)
I definitely can appreciate the principles they're espousing even if I'm not gonna be giving them my dollars. More people should care about making sure technology serves humans, not vice versa :)
Locality domain (RFC 1480) rant: Who the heck is Multi-Paradigm Corporation and how come emailing us-dom2@i-theta.com with all of my "T"s crossed and "I"s dotted to register a domain results in silence. No response, not even a "go away".
I know there's some localities where you have to have notarized authorization on city letterhead but they're mostly administered by the people behind https://www.about.us/locality-structure
https://locality-domains.pages.dev/ is a good reference if you don't have WHOIS installed btw. I can't vouch for how up to date it is though since I just query the database myself.
reading the comments on the site itself makes me think this is one of those "oh, I think found a way to get free money from governments". It doesn't feel like it's being done by someone with genuine knowledge of domains, nor an actual mission. I sounds more like a "deal maker" figuring out a way to get rich by creating an NPO
We could fix a lot of this by just making sure .local (which is used in Bonjour/mDNS) could coexist sanely in mixed resolver environments _and_ could support subdomains. I built https://rcarmo.github.io/projects/mdnsbridge to “fix” it for my particular use case, and if it wasn’t for TLS shenanigans and the lack of subdomains, my issues largely went away.
I'm currently documenting my research on this at myshape.com/genesis-100.html—would be keen to hear if others are tackling the continuity verification problem from a similar angle.”
What is the expected price range for registration and renewal under this TLD?
Will there be any assurance that renewal prices will remain fairly stable, rather than being significantly raised after customers grow attached to their domains (a practice that seems to be common with new gTLDs)?
Their free terms are kind of bad. They use CORS security feature to block you from loading content from other sites. It doesn't cost them anything to let your site link outside content so they are only doing it make the free tier bad so people upgrade.
That all the cool 2-letter TLDs are designated as country codes was an extraordinary mistake that will have unpredictable and devastating consequences long into the future.
Our goal is for .self to be more than just another TLD string, we want to specifically empower the self-hosting use case with local clients that integrate directly with the TLD and operate shared services like mail servers as a public good. We want to dramatically simplify the effort it takes to set up a domain for homelabs and offer free services that are directly tied to the domain like email.
We don't necessarily, however there are many benefits for doing so. We could simply purchase a domain and then build our initiative beneath it but then everything we do would be beneath that domain, meaning there would be two dots in what is our effective TLD. That would also mean we are a bit beholden to whichever TLD we are beneath and also whichever registrar we purchased our domain from. With the services we hope to offer around things like TLS certs and emails, it just makes more sense for use to own the whole thing from the root.
<something>.duckdns.org. works fine, and being "beholden" to ICANN is no worse than being a client of one of the big traditional gTLDs. If you want "one person, one name", well, .name is there for that.
It's a commons-pollution problem. Are we going to have to start thinking of every word with a dot in the middle as a potential name? IMHO, a new gTLD is justifiable only when there's some concrete differentiator attached to it, e.g. .local indicating mDNS, or .it indicating "Italy"
What value is there in "horse.horse" being something you can resolve with DNS? What value does <something>.self give me, as a reader, that <something>.name or <something>.me or any of the other zillion variations on the same idea doesn't?
If anything, it creates confusion! "Oh, I met Bob McBobFace. Is he mcbobface.me? mcbobface.name? mcbobface.local?".
I have no objection to providing people with free subdomains under whatever assignment scheme you guys are using, but wouldn't <something>.net have worked too, and been a lot cheaper?
I guess I just don't get the value to the public of increasing the set of dotted word suffixes that indicate that a word is a a cognizable DNS object.
> It's a commons-pollution problem. Are we going to have to start thinking of every word with a dot in the middle as a potential name? IMHO, a new gTLD is justifiable only when there's some concrete differentiator attached to it, e.g. .local indicating mDNS, or .it indicating "Italy"
So the new gTLD round is open right now, we're getting more TLDs whether we like it or not. Our goal is to make one that has features built-in which cater to the self-hosting use case. So that is our key differentiator, that every endpoint leveraging our TLD should be someone's small-scale homelab setup.
> I have no objection to providing people with free subdomains under whatever assignment scheme you guys are using, but wouldn't <something>.net have worked too, and been a lot cheaper?
Technically yes it could work, but given the suite of features we'd like to build into our TLD, it would make things more difficult if we didn't own it. We would be dependent on external parties for our root domain, the root of trust for TLS certificates, all users' subdomains would have an extra dot etc.
It just feels a bit like you've decided to solve the hardest possible side quest first.
Everything else on your roadmap could have been built and shipped in the universe that exists, and then if down the road it's working, you could have aimed for your own TLD.
Instead you're putting the TLD first and any of the actual functionality that end users might want afterwards.
That is a fair criticism, however I would say that the reason we are going for the TLD now is because now is the only time we can do it. The last round of TLD applications was in 2012, so if we don't apply now, it could be a veeery long time before the opportunity comes around again. We are a new org and our goal is to build functionality in parallel with the ICANN application which will likely take years to resolve.
You can't purchase a domain, only rent it. If anything, going through a "pay to get a temporary monopoly on some virtual object" is the very opposite of empowering people with more autonomy as the project seems to try to support.
What do you mean by "US domains?" Domains registered by US citizens? Hosted in the US (in which case does that include territories)? Regardless of the definition, I don't see an easy way to do this, nor a reason to, since domains can change hands (and hosts) across countries.
Domains that fall under the jurisdiction of the US? The domains themselves not the websites they point to? Everything under .games is controlled by the US government, the German government gets .games.de instead. To be fair it should be .games.us and .games.de (or .spiele.de)
Even gTLDs using other languages, like .kaufen, are under US jurisdiction. A German website selling to German customers using a .kaufen domain is forced to abide by US law as well as German law or loses the domain. Using a .de domain they would only have to abide by German law. That's unfair that the US government gets to stick its grubby fingers into every TLD that isn't a country code.
I have the opposite opinion, TLDs should have been restricted to ISO 3166 codes only, with only a few exceptions for international organizations and private networks.
Well, the .meow kickstarter raised €121,896 with just an assertion and a voucher system, so there's at least some community support for this kind of thing, without it needing to be a good idea :-)
If this is supposed to be human-centered, why isn't it .human? I assume there will be many agents with their own ".self" domains that have very little human oversight.
well that sucks, I just bought a domain for this purpose. Granted, I was under extremely heavy budget constraints so perhaps I wouldn't have been able to afford one. There was a sale on .club domains, so I picked that with a funny name (beatsyouwith.club (no, nothing is hosted on it publicly yet I'm lazy))
Sounds like a unified directory of domain with lower security that attackers can target to me. not sure the domain for self hosting is such a great idea.
I’m very confused. This is a web page with an embedded single-page PDF (!?) that gives zero details about how the project would work, be funded, or even look like. What is there to even discuss? Nothing about this seems very “human centered” to me.
The point is that you are your own hosting provider! We are trying to cater to self-hosters so our goal is to make it as easy as possible for someone with their own homelab to get a domain and have it pointed at the services they want to host.
481 upvotes on HN, and only $136 USD donated (out of $64k target) -- at the time of writing.
Given the amount of traffic this project has received by being at the top of the front page for half a day, one has to wonder if a different approach to soliciting donations would have yielded them more money.
Clearly, everyone here is at least interested in the idea of a .self domain, and I wager that most (even the naysayers) of the commenters would register theirs.
Imagine if instead of asking for a $15–125 donation behind a CTA, they asked for $2 to "pre-register" your domain (with higher tiers for more benefits). I have a feeling they would have raised a lot more money...
The problem I see with those initiatives is that there are 8 billions of us, and for most us, there are uncountable persons with the same name.
And do we really want another public identity anchor given the increasingly signs of a rise on government control and authoritarism?
What I dream of is an identity schema where your identity is context based, your friends can easily locate your game server, the IRS knows the stuff it legally can know about you, but it couldn't easily trace you as a taxpayer to you journalist or political blogger, even if you had a patreon or a substack and received money from supporters, the IRS can tax that money, but it can't link it to your anarchist blog.
Yeah, a pipe dream, I know. But, can we really keep on living on this world without dreaming a bit?
If we're gonna futz around with self hosting tld stuff, can we get HTTP clients to allow self signing on dot local? It's my goddamned network stop warning me about my own servers and no I don't want to install new root certs I resent the need to do Deep Magic just to have a private NAS.
I remember that the local service provider in the 1990s
offered free homepages for all customers. Over the years
this, strangely enough, disappeared completely; still not
sure why, but it was harder to get hosting. It's still
possible today, even for free, but it is more of a hassl
and harder to do so than what I remember in the late 1990s
early 2000s. I actually think every citizen should
automatically get a free homepage etc..., if they want to
(should be guaranteed to be an option, never mandatory of
course; and I also think it should be a human right, together
with access to information. Some countries perma-ban people
who "violated" something e. g. downloaded copyrighted material,
that also needs to be eliminated and states that do so should
be called brutal dictatorships.)
I've been experimenting with using "mymobilenumber.xyz" for stuff thats specific to me.
the domains are cheap and easy to remember.. in this day and age mobile numbers are not super secret anyway...
Computer Systems Laboratory, Stanford University, Stanford, California 94305
RANDALL B. SMITH† (rsmith@parc.xerox.com)
Xerox Palo Alto Research Center, Palo Alto, California 94304
Abstract. SELF is an object-oriented language for exploratory programming based on a small
number of simple and concrete ideas: prototypes, slots, and behavior. Prototypes combine inheritance
and instantiation to provide a framework that is simpler and more flexible than most object-oriented
languages. Slots unite variables and procedures into a single construct. This permits the inheritance
hierarchy to take over the function of lexical scoping in conventional languages. Finally, because
SELF does not distinguish state from behavior, it narrows the gaps between ordinary objects,
procedures, and closures. SELF’s simplicity and expressiveness offer new insights into objectoriented computation.
We plan to operate a shared mail server than can be used by users of the domain and we will work to ensure it is trusted by imposing usage limits. We will assume that every endpoint in our domain is someone's personal homelab, meaning small-scale use. For large mailing campaigns and newsletters there are plenty of services to choose from that enable those but for just sending personal emails, it should work.
Wait, so self hosting but I don't host my own email? So you guys just want to run your own mailserver and give people custom emails?
That sounds like negative utility. That would make hosting an email server on one of your domains harder than hosting it on a .com, so what benefit is this providing?
I've been looking to get into the TLD game. It's gonna cost about $600k, and it's a coin toss as to whether or not you'll get your money back. The two I've been eyeing, is .ion and .ness. Anyone want to go in on either of those with me?
unless it's promising a return on investment funded by new entrants to the scheme it's not a ponzi. Managing TLDs is just a plain old service. If you want to set people up with a different solution to planting a flag in a global namespace you're free to do so (.eth was an interesting attempt) but you are competing with one hell of a 'network effect'
I am disappointed that icannt.org is taken and is not an alternative root.
Edit: I've been rate limited because of this comment, apparently. Account burned - will make a new one. Dang says below it's because of flagged comments but I don't see many flagged comments in my history.
Of course we wouldn't rate limit you, or anyone else, for an innocuous comment.
We rate limited you because of flamewar comments you posted in another thread, like this one: https://news.ycombinator.com/item?id=48723651. You posted over 50 times in that thread, and many of your comments there broke the site guidelines. That's abusive. If we didn't rate limit accounts for doing that, we might as well have no guidelines or restrictions at all.
You're right. Though that was a comment with the n-word and a bunch of other explicits, I think a reaction was warranted. But I will keep that in mind next time
I've been using .lan, referenced in rfc6762[1] as a good alternative to the multicast .local
> We do not recommend use of unregistered top-level
domains at all, but should network operators decide to do this, the
following top-level domains have been used on private internal
networks without the problems caused by trying to reuse ".local." for
this purpose:
That doesn't contradict anything I said. Private networks can be huge, e.g. in big companies, and they can still use .internal. .internal serves quite a different purpose to that proposed for .self, so the top level comment I replied to doesn't make much sense.
I remember publishing a website for a class on my .tk domain, the teacher couldn't open it and I almost got a failing grade because of it.
I don't get how you get to be an IT teacher without knowing the most basic troubleshooting steps to get assignments to run.
Full Color.
> God said 640×480 16 colour is a covenant like circumcision.
https://clotmag.com/oped/deus-ex-machina-deconstructing-digi...
Executing the code in your head removed from the nuances of hardware, CPU architecture and compiler versions seems like a virtuous pursuit (?)
…and that’s how we got Java :p
And stuff like Pascal, too, so it’s not all bad.
Attendance typically correlates with classroom success.
Attendance avoids truancy proceedings.
One of the kids in my elementary school got a hat for perfect attendance through 6th grade.
I've never seen attendance shown on a transcript though, but you could fill some space on a resume with it, especially if you have the hat to show for it.
He knew we were computer nerds so didn't really care about teaching us (we knew more than him anyway). And we didn't mind that he just sat there drinking coffee and reading a book, as it meant we could just play videogames for an hour. Good times.
Teaching is rewarding which is why people do it, but you're asking them to take less pay for what is often a harder job - convincing kids to learn something when they have dozens of other things competing for their interest. The math aligns on the side with the teacher having the knowledge you would expect in this scenario - with a fair number of teachers not as much knowledge as one would hope they would have. On the students side, if they are bright then this is a soft-skill learning opportunity - how to navigate knowing more than your superior to the benefit of you both.
All of the market forces you describe are real, but they are partly sustained by cultural templates that make teaching a low-status job among those with technical qualifications and lead to an assumption that every teacher is either (a) internally motivated and doesn't "need" competitive compensation or (b) a washout from a more prestigious track and doesn't "deserve" competitive compensation. This affects administrators, policymakers, voters, and teachers themselves, giving us the status quo where teachers are paid and treated like shit (ask a K-12 educator about the most psychotic parent they met this year and whether admin had their back) so that even many people who love teaching gradually evaporate out of the field if they can.
I suppose I'm not even arguing that the material result is much different than you describe it, just that it's lazy, amoral thinking to frame it as a market quirk or the immutable nature of teaching rather than a slow-motion sociocultural trainwreck over which we can exercise some iota of agency. (One such iota might be to simply not say "those who can..." in earnest ever again.)
During this period I was berated by our studio lead for using new fangled technologies like CSS layout that could adapt to different sized screens instead of sticking to the trusty HTML soup Dreamweaver would spit out.
That said, personally I’ve never understood Dreamweaver either. By the time I tried it, I’ve already got used to Notepad++ and writing HTML by hand, so I’ve just treated it as another text editor... and IIRC it just felt way more laggy than Notepad++, with a browser preview panel that took half of my 4:3 display. Maybe I’d discover some cool features if I’ve spent some more time in it? I dunno.
A lot of people (me included) used text editors to write HTML. The process was not easy, and the results mostly not correct.
HTML at the time was intended as an application of SGML. This is the first example of HTML from RFC 1866 that laid out HTML 2.0 in 1995:
Using an HTML editor was required if you wanted to get anywhere near that standard.Worse, it was an extended superset (ha!) of SGML. At least 20 years ago, SGML::Parser would reject some valid HTML documents.
That said, it was really easy to type correctly in a text editor (especially compared to actual SGML), particularly one that indented and matched tags for you.
Turns out you save save as HTML and any links you put between slides become anchor tags.
Pretty neat, but hurt my soul to have all my classmates do that
Most universities are unethical shitholes that can do basically whatever they want to gatekeep a diploma.
There is so much shady things about academic env that it doesnt sound scary
Ive witnessed situation where "hard" prof was teaching and many ppl failed, and then thry received "easy" prof and they passed
But they had to pay for exams and retake, etc
What they did say is that the school sometimes fails students to get more money — supposedly implying that this was not because they did not meet the passing criteria.
This does not preclude failing students when they deserve it.
It is ok to question of what makes them believe they would have passed the exams without this financial motivation for the school, but they were pretty clear IMO.
Western Governors University. Online 4 year degree. Classes are passed when you pass the "high stakes" (read: proctorio test). This means if you know the material, then you can pass a class in 1 day.
HOWEVER, when you do your final test, they only tell you pass or fail. They do NOT show you what questions you got right or wrong. If you fail, you have to wait 5 days and go through professor hoops. Of course, you naturally never actually talked to the prof. Its all online through ZyBooks.
But WGU benefits on failing people, and by hiding what you failed at. Because the longer you attend, the more they charge. Their response is basically "Get Gud Scrub but we're not gonna tell you how".
Later versions of Internet Explorer had compatibility mode, but it often wasn’t enough to get things working, especially if there was ActiveX involved or the security policies were restrictive.
Schools were especially prone to this due to their limited budgets among other reasons, and IT teachers weren’t normally the decision makers who could do anything about it. You shouldn’t assume that a random IT teacher had the authority to spontaneously upgrade a school computer that needs to be used for things besides that one student’s assignment.
However in this case, my friend just helped the IT teacher install Google Chrome on his computer and showed that the site rendered fine there. I don't know what sort of policies were in place but there were evidently no technical measures implemented to prevent people from installing a modern browser.
That first teacher died shortly after, she had terminal breast cancer. I miss her a lot
The schools admins told me he had tenure so there was nothing I could do.
Didn’t take me a whole year before I switched majors.
Or just ineptitude, but I'm hoping for the former.
pretty strict and apparently the Minister of that agency doesnt care that .af is a domain hack for “as fuck” in the west
2. Sell domain name that's against Sharia law
3. Retake it back when someone buys it, because it's against the law
4. Repeat and profit
The registry thankfully was able to sort it out and I was able to get it back and registered with a regisrar not currently being actively genocided.
I felt like a real dick, emailing people in Gaza in 2026 how to renew my domain.
Brits that had `.eu` domains lost their domains due to Brexit [2] (unless they had some other EEA ties).
And if the Chagos deal goes ahead [3] and the British Indian Ocean Territory ceases to exist, then all `.io` domains might disappear too (although considering that `.su`/Soviet Union domains are still a thing, they probably would have stayed around).
[1]: https://www.404media.co/taliban-shuts-down-queer-af-domain-b...
[2]: https://www.gov.uk/guidance/registering-and-renewing-eu-doma...
[3]: https://www.bbc.com/news/articles/ce9m47y1ez2o
Ouch, that must've hurt. Brexit is the most stupid thing that Britain has ever imposed on itself.
Not enough allowance to fund a .com domain, had to use freenom / tk + cloudflare for my first years of self hosting
In the mid 2000’s, I moderated a domain name discussion forum in exchange for free hosting. “X forum posts per month = x gb of bandwidth”
My goal was to post enough for them to give me WHM access so I could try to resell it.
Those were the days.
I once mailed $70 cash (multiple months of allowance) to someone to code a MVP of something I wanted to build.
They ripped me off and disappeared.
And… that’s when I decided I needed to learn to code!
My parents were not happy when I told them I sent cash to a stranger. I remember having to do it in secret because they were very not okay with the idea that you can meet strangers online. Hah.
I think reason is I went to work, slung .NET and didn't think much about computers otherwise except occasional reading some C++ books for "fun".
Might be too old then. I used my parents speedy ADSL modem (4mbit/s down, 1mbit/s up) :D
Haven’t had much issues but surely if could go back and i’d pick a different tld.
In brief, I think they aim to solve the most important needs for online identity-gated services in a maximally private way.
For instance, I'd like to see .self offer the following: a single domain to any person in the world with identity blinded. I can imagine two 'tranches': say xxx.v.self for 'verified' and xxx.u.self for 'unverified'.
Both would use a Zero Knowledge proof to confirm they had not already registered a domain; verified would register with you guys or a data broker some PII in case it was needed for verification / checks / etc, while unverified would maintain the promise of one domain = one person, but not allow the TLD or registrars to be able to unblind which person it is.
Use cases like this would be really fantastic. And, obviously could be tested out and tried on a normal domain name while you make your pitch, and put in for the auction / however ICANN is currently managing TLD launches.
I wish the Vega people had oriented their work around general-purpose zkVMs instead of application-specific ZK circuits. The latter is a fleeting efficiency win; the former is a permanent flexibility advantage. ZK-based privacy advocates shouldn't over-index on proof performance on today's systems when zkVM systems have been making multiple-OOM performance improvements over the past couple of years.
IOW, with Nova, the Vega people are trying to do something very clever (just as the BBS+ people are trying to do something very cleaver) that general-purpose compute wins have made unnecessary.
Something like RISC Zero will let you run arbitrary Rust code under zero knowledge in a few hundred milliseconds with little fuss. Nobody appreciates that identity verification is one special case of a vast set of useful applications enabled by widespread adoption of a ZK compute platform.
RISC Zero is useful for crypto use-cases: Other people need to verify an exact program was run.
The identity use case is about connecting sources of trust (document issuers) with consumers of that trust ("this is a real person") in ways that don't release more than the minimum information required ("the passport office has signed that this is a real person so we can trust that").
Single purpose circuits make a lot of sense for this - there is just no need to a full ZK RISC-V VM for this use case.
> Single purpose circuits make a lot of sense for this
No, they don't. They lock your system into a single set of trade-offs without an advantage to offset it. They're premature optimization. How do you think ZK systems can be made resilient to cloning attacks without hardware locking if your ZK vocabulary is limited to stupid BBS-style selective disclosure and nothing else?
I don't understand what "BBS-style" means in this context, but selective disclosure is exactly what the requirement is.
For example, age verification: I can run a program that takes a signed time-stamp and an officially-signed birth certificate and produces a yes/no "over 18" boolean, then prove to you I actually ran this program, not just "return true", but WITHOUT revealing the birth certificate.
It's a really neat facility that too few people are thinking about. We've had zero knowledge systems for a few decades now, but until now, each one has been a special bespoke mathematical object that would take years to develop. Over the past year or two, we've 1) made the things 1000x faster, and 2) made it possible to write arbitrary code under zero knowledge instead of having to make each ZK system a PHD thesis.
Others say that zkVMs are pointless because they're less efficient than these bespoke mathematical objects. Yes, they are. So what? The flexibility is worth it. Others say that zkVMs came out of Etherium, so they're only good for "crypto" stuff. False. Sure, it's the Etherium people who did a lot of foundational research into efficient zkVMs. We owe them a debt of gratitude, because they made a new kind of CS object that's going to be useful for tons of things not tied to Etherium or web3 in any way.
Anyway, if you want to get a feel for fully programmable ZK systems, check out https://noir-lang.org/, a programming language for ZK programs (not a zkVM, but same UX). Or https://github.com/a16z/jolt, which lets you run normal Rust under zero knowledge.
Today, you can write normal-looking code and have it execute under zero knowledge, and, importantly, efficiently. You literally couldn't do this two years ago, and it changes everything.
ID verification is not enough, you also need some way to prevent one malicious user from re-selling the same ID to millions of others. Without ZKPs, you know what document the user is trying to sign up with, so you can rate-limit that document. With ZKPs, however, you need those rate limits to exist somewhere else.
0) The actual intersting part of a new TLD can be growing reputation by post-facto taking away a domain without recourse in case of squatting. Instead of adversarial takedowns (which produce false positives as noted), let anyone challenge an inactive domain in the first year or two.
1) If they can figure out a mechanism for moving a domain from "assigned" -> "squatted".
2) Domain must match (or derive from) a verified identity - e.g. your domain is a hash/slug of your government ID. Makes squatting structurally impossible because you can't claim someone else's name / gov (Sign in with passkeys linked to a national ID).
3) Proof of human effort, reduced with time - require periodic renewal with proof-of-use (DNS TXt updates, through a flow hard to automate).
4) Kill speculative market - domains are non-sellable and non-transferable - always go back to the free pool, and stay there for 30 days mandatorily.
Some mix of these could be the right structure for a trule high-reputation, free domain.
> You cannot transfer ownership killing any value you added
I think this is by design. The domain should be for personal use - hence free.
An ecosystem with an under-exploited niche will eventually produce the behaviour that fills the niche. It's a self-optimizing system. None of this is fundamentally escapable as long as we are living organisms competing for finite resources.
A monopolist hiking prices to this extent will likely see legal action against them. That's a 20x increase you're proposing.
It's also unlikely to have a material effect. .com used to cost $75 a year back in the day, and that didn't stop squatters, and high value domain transfer sales. $75 in 1990s dollars is about $150-$190 today.
then don't allow reselling, just allow giving it back and do a raffle again
Many ways of adding friction to obtaining the updatable value - which a human owning a domain would be happy to do, but a squatter would not want to.
that's how one of my local companies tries to force clients in. They removed auth code from their web panels and introduced complex snail-mail procedure.
That was clear signal to run, but it took me 6 months to do just the domain transfer.
> Everyone entitled to a subdomain at no cost
How are you going to pay for the (substantial) cost of running a TLD without registration fee revenue? Is this a loss leader for other services? Are you operating on a 100% donation model?
> No parking, squatting, or reselling
How do you plan to tell the difference between a parked/squatted domain and one in legitimate use but offering no public-facing services?
We plan on operating the domain as a public good and are actively seeking sponsors to help fund us. Think of it as a similar model to ISRG and LetsEncrypt.
> No parking, squatting, or reselling
Our rule of one person per subdomain will hopefully prevent this at scale, though it will admittedly be more difficult to examine any particular domain so closely. We may have to implement some type of heartbeat where the owner of said domain has to respond within a certain amount of time.
In that case it was started by an institution (mozilla) with a lot of heft in the area (mozilla's CA program is one of the most broadly used) and was backed by other orgs (google) that had a vested interest in it's success. I'd be interested to hear which potential sponsors you see in a similar situation here?
> rule of one person per subdomain
What is the plan to (without costly overhead or cost to the end user) validate who is an actual person? Even large corporations with loads of resources have problems with this without resorting to treating it as if a person equals a credit card number.
We are reaching out to companies who operate in the self-hosted space, academia, ISPs, registars, as well as digital rights orgs. We believe they would be aligned with this mission and ultimately benefit from such a TLD existing!
> What is the plan to (without costly overhead or cost to the end user) validate who is an actual person? Even large corporations with loads of resources have problems with this without resorting to treating it as if a person equals a credit card number.
There are a few emerging technologies we are evaluating to help with this but have not settled on one just yet. Whatever we choose, we will start small and go from there. Worst-case scenario, we start with the credit card approach and iterate. This will ultimately all be a part of the evaluation process we go through with ICANN.
---
To stick with your comparison: when letsencrypt and ISRG launched they had actual answers for how to deal with the hard challenges in their space:
A) how to get included in a trust roots (crossigning with IdenTrust at first and the knowledge and expertise of how to get included in the longer term)
B) Automated domain validation in a standardized way (ACME)
C) Long term commitments of sponsorships to ensure people could trust it would stick around
---
I wish you the best of luck, but I think this might have needed to bake a bit longer before publicizing.
No it won’t. Spammers will just pay thousands of random people in poor countries to create their domain.
A domain squatter is in an easier position to automate that than an amateur to not forget to respond.
Might be good to know that even in the US this approach would only work for ~50% of people, since a lot of people don't have passports. In most countries this does not work at all, since they don't issue NFC enabled ID/passports.
Oh, cool! Russia is not on the list. Another service that excludes me just becasue I got lucky with the colour of my (NFC-enabled, biometric) passport.
On a less bitter note, I don’t think it’s that hard to build biometric passport validation. Face matching would be another thing, but for unregulated industries I don’t think you’ll need that, so why not grab some library from GitHub and be in control of the whole process? (You would still need to handle people without biometric passports somehow, of course.)
Is it actually a substantial expense? The TLD itself only has to publish the nameserver records, which generally have a TTL of about a day. A DNS response is a few hundred bytes. Big DNS providers like Google and Cloudflare would make requests for every actively used domain every day, but then cache them. Smaller providers wouldn't cache as well but also wouldn't each request every domain every day. For e.g. a million personal domains, ballpark estimate is somewhere in the few TB a month of traffic. Maybe a little over personal hobby project money but definitely not outrageous for a small non-profit organization.
> How do you plan to tell the difference between a parked/squatted domain and one in legitimate use but offering no public-facing services?
This is the easy one. Squatters buy domains because they want to sell them. To sell them they have to make it publicly known to prospective buyers that the domain is available for sale. So then if anyone lists the domain for sale anywhere, you make them prove that they own it (which any actual buyer would also have to do in order to not get scammed) and when they do the domain is forfeit.
It's kind of sad that we don't do that for all domains. Domain squatters can go to hell.
Most TLDs need to allow domain transfers because projects do genuinely change ownership sometimes. If you allow transfers, you allow reselling by definition (because you can't physically determine whether cash changes hands).
This isn't like tickets, where "return to pool and let an interested party buy it" is a viable strategy. Tickets are fungible, domains are non-fungible.
That's fine. It's not the transferring that you punish, it's the offering for sale. Good luck squatting when publishing any solicitation to sell the domain is the thing that causes you to lose it. How many domains are you going to squat on and pay renewal fees for when you have no way to let the public know you're willing to sell them that won't cause you to lose them?
> This isn't like tickets, where "return to pool and let an interested party buy it" is a viable strategy. Tickets are fungible, domains are non-fungible.
What does fungibility have to do with whether you can return something to the pool? The lack of fungibility makes it work even better, because if you want a specific domain and you find someone squatting on it, you can report them advertising it for sale. When the registry verifies that the report is true then the person filing the original report can be given first crack at the domain when it goes back into the pool.
Also, who is paying for the reduced fee, administrative and infra costs? And have you actually submitted gTLD application, or are you trying to crowdfund? Unclear to me.
90+% of people who would be willing to sponsor this stuff will go "hmm, I wonder where they've taken their money from, not us I guess." Not everybody reads comments, even fewer post ones of their own.
Being on the front of HN is a great opportunity, I'm afraid you haven't used yours as well as you possibly could.
I’m guessing, if designed well, the registration process could run on lightweight infrastructure. Maybe $1-5k total per year, not counting time. So it’s enough for a fun hobby project.
Having said that gestures to the entirety of the internet
So maybe not such a big deal.
Maybe you are not up to date on latest trends, but modern CDN purpose is to shield the origin from the public writ large.
However, perhaps more relevantly, it isn't clear why this needs a TLD and all the hassle associated with a tld when it could just as easily be attached to any convenient domain name lying around that you have access to, such as, oh, say, onmy.cloud.
Then again I have this objection to almost all TLDs. But I'm not sure I'm wrong.
At the very least if you want to show ICANN that you mean business I would strongly suggest just doing it on onmy.cloud, and tell people that if you get the .self you'll transparently migrate their onmy.cloud domain on to .self when you get it. Nothing says "I can do this" like actually doing it.
Regardless, a UUID is probably the right call. It doesn't help with memorability but it's at least more stable than an IPv4/IPv6 address and can be hard-coded. I wonder if you would get a full zone or if it's just an A/AAAA record given their broader goals of email and VPN tunneling.
https://www.iana.org/domains/root/db
Is this just an idea at this point, or some kind of "you have to use our DNS to resolve .self domains" scheme - ?
Inb4 they give away .docx
(Yes, the domain "readme.md" exists. Fortunately, whoever owns it is not using their power for evil and does not have any webserver there... but I'm not risking it.)
Cloudflare offers this now (their Pay to Crawl service) but its not geared towards every human getting paid for their content. As of today Facebook and other social media platforms profit from our content....not us!
- Centralized authorities for IP & DNS assignment? You (+anyone else you can convince) can just ignore that and it'll work in your bubble anyways!
- No centralized authorities for IP & DNS assignment? You (+anyone else you can convince) can just ignore that and it'll work in your bubble anyways!
My above pedantry aside, the article is explicitly about "The Internet" (it's even using the capital "I" oft forgotten about these days). I.e. the worldwide bubble which has centrally controlled assignment via ICANN/IANA, separate from other systems using the DNS/IP protocols. That's why it talks about ICANN and why bananamogul mentioned .self has not been centrally registered with IANA yet.
dancing.with.my.self
reference.self
interest.self
pleasure.self
gratification.self
b.true@to.thine.own.self
touch.a.touch.a.touch.a.touch.me
https://www.youtube.com/watch?v=x92ccvZCzlg
Note that I did not single out an individual coutnry. All governments always stride towards autocracy.
If it has both, it will be squatted to uselessness, and blocked everywhere because of phishing scams everywhere.
You can either make the domains cost money, which seems counter to the entire point, or disallow choosing the domain, instead handing out free what3words style names.
I suppose this will be done by ID verification, which is a complete and total non-starter for me, but they do have a vision of some kind.
It’s weird when sites have invalid email checks.
Offering one free per person is nice, it can be tricky to enforce but I think doable. Regarding privacy, even right now ICANN rules require a real name and address for the domain.
This project comes at the right time when because I see a lot of interest growing towards self-hosting.
I am biased though, I've been working on on OS for self-hosting , fully open source, Debian based, no restrictions https://github.com/malmoos/malmo
It’s not doable at all. There are millions of people that don’t need a domain but would be happy to be paid $5-10 by some random scammer to hand over their domain.
.self seems to be geared towards a 'accessible from the everyday net' kind of approach.
I definitely can appreciate the principles they're espousing even if I'm not gonna be giving them my dollars. More people should care about making sure technology serves humans, not vice versa :)
Locality domain (RFC 1480) rant: Who the heck is Multi-Paradigm Corporation and how come emailing us-dom2@i-theta.com with all of my "T"s crossed and "I"s dotted to register a domain results in silence. No response, not even a "go away".
I know there's some localities where you have to have notarized authorization on city letterhead but they're mostly administered by the people behind https://www.about.us/locality-structure
https://locality-domains.pages.dev/ is a good reference if you don't have WHOIS installed btw. I can't vouch for how up to date it is though since I just query the database myself.
Will there be any assurance that renewal prices will remain fairly stable, rather than being significantly raised after customers grow attached to their domains (a practice that seems to be common with new gTLDs)?
https://news.ycombinator.com/item?id=48447111
They're allowing comments and obviously the first thing there is a scam.
No way any goodwill on the Internet is going to prosper. Not anymore.
That all the cool 2-letter TLDs are designated as country codes was an extraordinary mistake that will have unpredictable and devastating consequences long into the future.
It's a commons-pollution problem. Are we going to have to start thinking of every word with a dot in the middle as a potential name? IMHO, a new gTLD is justifiable only when there's some concrete differentiator attached to it, e.g. .local indicating mDNS, or .it indicating "Italy"
What value is there in "horse.horse" being something you can resolve with DNS? What value does <something>.self give me, as a reader, that <something>.name or <something>.me or any of the other zillion variations on the same idea doesn't?
If anything, it creates confusion! "Oh, I met Bob McBobFace. Is he mcbobface.me? mcbobface.name? mcbobface.local?".
I have no objection to providing people with free subdomains under whatever assignment scheme you guys are using, but wouldn't <something>.net have worked too, and been a lot cheaper?
I guess I just don't get the value to the public of increasing the set of dotted word suffixes that indicate that a word is a a cognizable DNS object.
So the new gTLD round is open right now, we're getting more TLDs whether we like it or not. Our goal is to make one that has features built-in which cater to the self-hosting use case. So that is our key differentiator, that every endpoint leveraging our TLD should be someone's small-scale homelab setup.
> I have no objection to providing people with free subdomains under whatever assignment scheme you guys are using, but wouldn't <something>.net have worked too, and been a lot cheaper?
Technically yes it could work, but given the suite of features we'd like to build into our TLD, it would make things more difficult if we didn't own it. We would be dependent on external parties for our root domain, the root of trust for TLS certificates, all users' subdomains would have an extra dot etc.
Everything else on your roadmap could have been built and shipped in the universe that exists, and then if down the road it's working, you could have aimed for your own TLD.
Instead you're putting the TLD first and any of the actual functionality that end users might want afterwards.
The marketing stuff makes it look like the TLD is your main focus.
Even gTLDs using other languages, like .kaufen, are under US jurisdiction. A German website selling to German customers using a .kaufen domain is forced to abide by US law as well as German law or loses the domain. Using a .de domain they would only have to abide by German law. That's unfair that the US government gets to stick its grubby fingers into every TLD that isn't a country code.
You're right in a sense, but the US invented the internet, so they get to invent the rules, no?
However .me (https://namegulf.com/tld/cctld/me) is a ccTLD managed by the Government of Montenegro, they set their own rules
.zip .pdf .mp3
I'd like to thank Caribbean island of Anguilla for having a ccTLD that helps identify which websites aren't worth your time in one quick look.
If this is supposed to be human-centered, why isn't it .human? I assume there will be many agents with their own ".self" domains that have very little human oversight.
I’m happy with my .xyz domain for my homelab.
Setting up split horizon DNS was more of a pain than I expected, but it works now over headscale.
> - Everyone entitled to a subdomain at no cost
One subdomain, or one subdomain? Would I be entitled to something like "pavel.hosts.self"?
See https://newgtldprogram.icann.org/en/application-rounds/round...
And https://www.kickstarter.com/projects/dotmeow/meow-next-round...
[0] https://en.wikipedia.org/wiki/Will_Self
How/Why is this linked to a TLD and not a hosting provider ?
Given the amount of traffic this project has received by being at the top of the front page for half a day, one has to wonder if a different approach to soliciting donations would have yielded them more money.
Clearly, everyone here is at least interested in the idea of a .self domain, and I wager that most (even the naysayers) of the commenters would register theirs.
Imagine if instead of asking for a $15–125 donation behind a CTA, they asked for $2 to "pre-register" your domain (with higher tiers for more benefits). I have a feeling they would have raised a lot more money...
And do we really want another public identity anchor given the increasingly signs of a rise on government control and authoritarism?
What I dream of is an identity schema where your identity is context based, your friends can easily locate your game server, the IRS knows the stuff it legally can know about you, but it couldn't easily trace you as a taxpayer to you journalist or political blogger, even if you had a patreon or a substack and received money from supporters, the IRS can tax that money, but it can't link it to your anarchist blog.
Yeah, a pipe dream, I know. But, can we really keep on living on this world without dreaming a bit?
"Will be?" It's not up yet? Are they an approved TLD registry?
Their "pamphlet" is just their web site as a PDF file.
Are they selling domains, web hosting, DNS service, or what?
Right now, the only thing you can do is "Donate".
Cloudflare works but the cache give downtime after every IP-switch
I remember that the local service provider in the 1990s offered free homepages for all customers. Over the years this, strangely enough, disappeared completely; still not sure why, but it was harder to get hosting. It's still possible today, even for free, but it is more of a hassl and harder to do so than what I remember in the late 1990s early 2000s. I actually think every citizen should automatically get a free homepage etc..., if they want to (should be guaranteed to be an option, never mandatory of course; and I also think it should be a human right, together with access to information. Some countries perma-ban people who "violated" something e. g. downloaded copyrighted material, that also needs to be eliminated and states that do so should be called brutal dictatorships.)
DAVID UNGAR (ungar@self.stanford.edu)
Computer Systems Laboratory, Stanford University, Stanford, California 94305 RANDALL B. SMITH† (rsmith@parc.xerox.com) Xerox Palo Alto Research Center, Palo Alto, California 94304
Abstract. SELF is an object-oriented language for exploratory programming based on a small number of simple and concrete ideas: prototypes, slots, and behavior. Prototypes combine inheritance and instantiation to provide a framework that is simpler and more flexible than most object-oriented languages. Slots unite variables and procedures into a single construct. This permits the inheritance hierarchy to take over the function of lexical scoping in conventional languages. Finally, because SELF does not distinguish state from behavior, it narrows the gaps between ordinary objects, procedures, and closures. SELF’s simplicity and expressiveness offer new insights into objectoriented computation.
To thine own self be true. —William Shakespeare
https://bibliography.selflanguage.org/_static/self-power.pdf
That sounds like negative utility. That would make hosting an email server on one of your domains harder than hosting it on a .com, so what benefit is this providing?
How will you ensure this?
Edit: I've been rate limited because of this comment, apparently. Account burned - will make a new one. Dang says below it's because of flagged comments but I don't see many flagged comments in my history.
We rate limited you because of flamewar comments you posted in another thread, like this one: https://news.ycombinator.com/item?id=48723651. You posted over 50 times in that thread, and many of your comments there broke the site guidelines. That's abusive. If we didn't rate limit accounts for doing that, we might as well have no guidelines or restrictions at all.
0 - https://www.rfc-editor.org/rfc/rfc8375.html
> We do not recommend use of unregistered top-level domains at all, but should network operators decide to do this, the following top-level domains have been used on private internal networks without the problems caused by trying to reuse ".local." for this purpose:
[1]: https://datatracker.ietf.org/doc/html/rfc6762