
Questions About .org - hcs
https://blog.mozilla.org/blog/2019/12/03/questions-about-org/
======
rayascott
I personally think a 10% annual price increase on .org domains is outrageous,
considering the current price of a .org domain is $10. I know it's not a lot
of money to an organisation, but it's a huge chuck of cash to the company that
is getting paid across the millions of .org sites out there. It'll be
interesting to see what they do with this windfall.

re: [https://www.keypointsabout.org](https://www.keypointsabout.org)

~~~
colejohnson66
It’s because people don’t see the 10% as a lot. They go: $10 to $11 is nothing
without realizing that it compounds. Try it yourself: _pow(1.1 [110%], 7.27) ≈
2_. Every eight years, the price will have more than doubled.

Ok, $10 to $20 isn’t a lot. But what about 3 decades down the line? That’s now
$174. You maybe could afford the $10 (maybe even $40), but could _you_ afford
to pay that every _year_?

------
libab
[https://twitter.com/njal_la/status/1201420518848638976](https://twitter.com/njal_la/status/1201420518848638976)

------
Ericson2314
Could Firefox's DoH promote OpenNIC somehow?

~~~
mindslight
Better yet, setup something like the following:

\- Answer queries for .org. By default, forward queries to the legacy
(pillaged) registry.

\- Allow administrators of domain in .org to "opt in" to being managed by
Mozilla by placing special DNS records or the like.

\- "Opting in" is no charge from Mozilla if the Mozilla-registry nameservers
are setup to match the legacy registry

\- At any time, a domain owner can stop renewing at the legacy registry. If
the domain has been opted in to the Mozilla registry, its owner can pay
Mozilla instead to continue their registration with Mozilla (and other onboard
organizations/resolvers)

\- If the user stops paying the Mozilla registry, it removes the opt-in and
the ownership is up for grabs back at the legacy registry.

The idea being that .org sites, especially the ones we've all come to rely on
as infrastructure, could register with Mozilla to claim ownership of their
names outside of just the pillaged registry. Then if the looters raise fees
too high they can individually make the decision to cast off the legacy
registry after pointing their communities at the new resolvers, with no
disruption to services.

~~~
xg15
> _\- Allow administrators of domain in .org to "opt in" to being managed by
> Mozilla by placing special DNS records or the like._

Wouldn't this effectively be a hostile takeover of .org by Mozilla? This seems
like it could set a dangerous precedent.

E.g., what if Google decides later that some other registries are also
untrustworthy and offers management on Chrome?

~~~
dpark
Yes. This is a terrible idea and would result in the bankruptcy of Mozilla
from the inevitable lawsuits. The registry owner would sue them and they’d
also doubtless face a class action from the registrants themselves.

~~~
sudosysgen
They would have absolutely no grounds to sue. At all. There are already lying
DNS servers, they haven't seen any legal threat for this exact reason. Tons of
organizations also redirect DNS for their network.

~~~
dpark
Maybe I’m wrong. I’d expect that orchestrating a deliberate MITM attack would
violate some relevant laws.

~~~
mindslight
Creating a new name database that people can choose to use is not a "MITM
attack".

~~~
dpark
It absolutely is. Alice registers with Mozilla for the same .org Bob registers
with the official registrar and Mozilla sends traffic intended for Bob to
Alice.

~~~
mindslight
In your example, the traffic that goes to Alice is _intended for Alice_ ,
because the initiators of that traffic have chosen to use the new database to
direct traffic.

But also note that per my description, Alice can't just register a domain that
Bob has already registered at the legacy registry. Rather, the conflict in
your example can only happen if Alice is registered at the legacy registry and
Mozilla, lets her registration lapse at the legacy, and then Bob comes along
and attempts to lay technical claim to the name because it is not registered
at the legacy.

~~~
dpark
> _In your example, the traffic that goes to Alice is intended for Alice,
> because the initiators of that traffic have chosen to use the new database
> to direct traffic._

Is your proposal then that Mozilla doesn’t actually use this database unless
individuals opt in? In that case it’s worthless.

> _then Bob comes along and attempts to lay technical claim to the name
> because it is not registered at the legacy._

This is an entirely legitimate scenario. I don’t know why you’re being
dismissive of this as if it doesn’t matter. You’ve described a scheme where
Mozilla intentionally hijacks a registrar. Of course the original registrar is
still relevant.

~~~
mindslight
> _Is your proposal then that Mozilla doesn’t actually use this database
> unless individuals opt in? In that case it’s worthless._

.org consists of many projects that themselves build Internet infrastructure.
For example, Debian could ensure their ability to keep using debian.org in the
face of "Ethos" shenanigans by making it so all their infrastructure used the
new-world resolvers. And could even do the same for the repositories and apt,
if they wanted.

> _don’t know why you’re being dismissive of this as if it doesn’t matter_

It's not that it doesn't matter, but that I see it is a good thing if there
were competition between registries. In this scenario, what is actually
happening is that Bob and the legacy registry are attempting to lay claim to a
name that has already been claimed by someone else and recorded at the new
registry. So Bob and the legacy registry can't claim the already-registered
name in some universal sense - a registry of deeds does not own the plots of
land that it keeps records on!

~~~
Ericson2314
OpenNIC only uses unused tlds. But there could be an OpenNIC-only redirect in
the legacy DNS record that would encourage users to migrate. Then the
organization can look at traffic to decide when to switch.

