
Save .org - jaden
https://savedotorg.org/
======
walrus01
Some further background on what happened. I don't see how this can be
interpreted as anything other than corruption, plain and simple.

[https://www.theregister.co.uk/2019/11/20/org_registry_sale_s...](https://www.theregister.co.uk/2019/11/20/org_registry_sale_shambles/)

"Former ICANN CEO Fadi Chehade personally registered the domain name currently
used by Ethos Capital in May and it was registered as a limited company in the
US state of Delaware on May 14. That date is significant because it is one day
after ICANN indicated it was planning to approve the lifting of price caps
through its public comment summary.

As such it appears that the plan to purchase the .org registry was predicated
on the price caps going ahead and that those behind the deal had intricate
knowledge of ICANN’s internal processes."

~~~
tldmanagement
Posting from a throwaway account.

I worked at one of the main TLDs for years and was on one of the ICANN boards
and got to know the industry well.

It is well know amongst the domain name community that ICANN is a poorly run
organization, whose directors have in recent years have used their position of
leadership to lead decisions from which they are afterwards benefiting
themselves economically, in many cases by rushing decisions such as in these
case.

Peter Dengate Thrush was famous for pushing for the new domain extensions
(.anything) as chief executive of ICANN and quitting a month later to become
the CEO for a company that was the main bidder for a large number of
extensions. Fadi Chehade is doing the same with .ORG by lifting the price cap
on the prices of an established domain name and then gobbling up the company
that sells those domains.

Sadly, ICANN has little oversight and since its kind of in the air and doesn’t
report to anyone, the directors get away with what would be legally considered
corruption in most of the world. The fact that the internet community and most
Internet companies have never care about it makes doesn’t help, since a lot or
times the “multistakeholder” model that they claim to use in reality doesn’t
work.

Ultimately, this is why the DNS and domain name industry feels so shady in
general and why for most companies getting a name on the internet is a
tortuous process that feels very scammy, which is unfair and costs more than
it probably should. But so far we don’t have any good alternatives to the
current system.

~~~
byuu
The process of mapping name=IP is not remotely technically difficult, and I'd
dare say most people reading this message could implement the backend to such
a system in a few days.

Setting up the peering replication and nameservers around the world is
considerably harder, but it's definitely not a $10 billion+ problem (the
current value of registrars and certificate authorities.) A startup funded by
YC could handle that easily.

Dealing with all the companies trying to sue you over others squatting their
domains and having to decide who has the better claim would be the most
expensive part.

I really hate to say it because it's so cliche and overused, but a blockchain-
like system could remove the central authority, the server costs, and the
lawsuit risks. But it would introduce concerns over trust, most likely.

The really hard, unsolvable part is the unwillingness of the browser vendors
to support an alternative domain name system. If Chrome, Firefox, and Safari
all supported a new TLD outside of ICANN's control as a public service (let's
call it "Let's Resolve" which would offer free domains and would be funded
through donations), it would be very successful. If even one of them didn't
support it, nobody would ever consider using it for their websites. Browser
extensions, even _if_ they allowed access to intercept domain name lookups,
would not work. It would have to be supported out of the box in every major
browser, and well, good luck with that. Anything failing to herd those three
cats right out of the starting gate is absolutely dead on arrival.

Who knows though, maybe they'll raise .org prices just a bit too much, and
piss off an established non-profit enough to start a huge campaign to create
an alternative. But probably not.

~~~
hultner
Browsers shouldn't be the entity deciding on address resolution, a domain
system bound only to the web/httpx would be a huge leap backwards. This should
be up to the os and whatever names resolution the os provides should be
happily accepted by any network program, be it a browser, email client, ssh,
irc or something completely different.

~~~
byuu
Unfortunately, with at least Chrome and Firefox moving to DNS-over-HTTPS, they
_are_ the entities deciding on address resolution for 99% of average-user
requests.

I would agree with you in principle however, in which case there's an even
more impossible goal: get Microsoft, Apple, Google, and every Linux/BSD distro
to agree to a new OS-level alternate domain name resolver that functions out
of the box. And also stop Google and Mozilla from rolling out browser-level
DoH.

~~~
justinclift
Wonder if this means Cloudflare - and/or the other termination points for DNS-
over-HTTPS - could be an interesting place to start adding an alternative DNS
resolution system?

Then it wouldn't need to be done by any browsers... if the DNS-over-HTTPS end
point provider does the additional name resolution, it should "just work".

~~~
mygo
We’re here because a private company has taken over .ORG

I see what you’re saying in theory, but it can’t be cloudflare or a private
company or else it’s more of the same.

~~~
justinclift
If it's done as a coalition of the places which provide DNS-over-HTTPS, it
might work. :)

~~~
mygo
Negative. Private equity has billions to pay with. Everyone has a price.

------
jonah-archive
A couple additional things: EFF blog post on the topic:
[https://www.eff.org/deeplinks/2019/11/nonprofit-community-
st...](https://www.eff.org/deeplinks/2019/11/nonprofit-community-stands-
together-protect-org)

Here's the initial letter being sent from EFF & others to ICANN and the
Internet Society: [https://www.eff.org/document/coalition-letter-sale-public-
in...](https://www.eff.org/document/coalition-letter-sale-public-interest-
registry)

(Disclaimer: I work for the Internet Archive, and we are one of the initial
signatories to this letter.)

~~~
cobookman
Has the broader group thought about just buying their own tld?

With a better governance model.

~~~
ohashi
Would it matter? You're already locked into years, maybe decades, of brand
building. You'd still need to redirect your old .org indefinitely.

.ORG should be properly managed and regulated, we shouldn't need to attempt to
rebuild something because ICANN is corrupt and Internet Society is selling out
non profits they promised to serve.

~~~
jlokier
Not just brand building. How many accounts are linked to your email, and how
many of us have had that email on a .org for 10, 20, even 30 years in some
cases.

Do you even know how many accounts have that email address as either the
primary, or backup/recovery email?

An email address is central to identity management these days.

Lose a long established domain, and you might lose access to most of your
other internet accounts, especially the ones you don't use every day and are
hard to remember.

------
patrickdavey
This is just awful. For everyone wondering "how bad can it really be?", they
can put whatever cost they like to keep your domain registered. I have a small
carpooling site for ski fields in New Zealand - snowpool.org . I've run this
for 10 years, as a fun side project. If they hike the fees to 3K a year (or
whatever) then there's just no way I'd keep it going. I've have to migrate
somewhere else, which would be a complete pain in the ass.

I find it just awfully sad (and probably corrupt) that this happened at all,
and I really hope there's some higher authority that can roll this back - or
at minimum bring back the price-cap.

Very sad times.

~~~
Ayesh
This is the case for all new gTLDs. .pro to .xyz to . accountant, the registry
can put any price, be it zero or a million dollars.

~~~
jedberg
.com has price caps. Imagine what happens when they remove those and they can
just price everyone out of their .com names, names they may have had for 25+
years.

Imagine a world where whomever has the most money can control your brand. What
happens when McDonalds buys the Burger King brand because BK was priced out?

.com, .org, and .net are long standing shared resources that should not have
unlimited prices. They should be capped forever.

~~~
hrktb
McDonalds and Burger King can duke it in court.

It will be more site the kind of wikileaks that could get effectively removed
without having to go legal routes. Just have your friends price them out of
their domains. Nobody needs to even buy the domains, they just need to be
expensive enough to stay unused.

~~~
Mirioron
If this got really bad then I could see how a site like wikileaks would use
some secondary domain name service on addition.

------
windexh8er
I've been thinking a lot about the sheer downsides of DNS overall. We need
something different. Something decentralized, encrypted, something not reliant
on a protocol that hasn't kept pace with security and privacy and we need
something verifiable that provides accountability. As others have said TLDs
have become a racket. Only the priveleged and nation states have the authority
to use the system as a funnel of ridiculous revenue and rate manipulation. We
don't need DNS anymore. It's become more of a lynchpin to bottleneck and
advance control of the few and continues to erode our privacy as it stands
today. What's next?

~~~
pcr910303
Looks likes you’re wanting the decentralized web [0][1][2].

The DNS equivalent technology there is DHT(distributed hash tables) [3] which
was used in torrent technology for a few years. Ever wondered about how you
can find the torrent seeders without a centralized entity? The Bittorrent DHT
is the underlying tech.

[0] [https://ipfs.io/](https://ipfs.io/)

[1] [https://dat.foundation/](https://dat.foundation/)

[2] [https://www.scuttlebutt.nz/](https://www.scuttlebutt.nz/)

[3]
[https://en.wikipedia.org/wiki/Distributed_hash_table](https://en.wikipedia.org/wiki/Distributed_hash_table)

~~~
progval
> Ever wondered about how you can find the torrent seeders without a
> centralized entity? The Bittorrent DHT is the underlying tech.

The Bittorrent DHT is not fully decentralized, it needs a list of hardcoded
bootstrap nodes. [https://stackoverflow.com/questions/1181301/how-does-a-
dht-i...](https://stackoverflow.com/questions/1181301/how-does-a-dht-in-a-
bittorent-client-get-bootstrapped)

~~~
pcr910303
Well, it's for ease-of-use. Anyone can make an alternative DHT with their own
bootstrap nodes, but the Bittorrent main one is the biggest, therefore most
programs have that one hard-coded.

Anyone can make an alternative client that uses the exactly same tech with
different bootstrap nodes, and once they gain popularity, there will be people
using that.

Democratic, I would say.

------
jolmg
Lots of distros are in .org aren't they? I see Arch, Debian, Gentoo, Fedora,
Centos, OpenSuse, Raspbian, Damn Small Linux, Linux From Scratch, NixOS, Guix,
OpenWRT, PfSense, FreeBSD, OpenBSD, NetBSD, OpenSolaris, Illumos, and probably
lots, lots more.

GNU is also on .org.

Also languages, at least Python, Ruby, Haskell, Rust, Go, Clojure, Racket,
Zsh, etc.

.org seems to be the go-to TLD for open source projects.

~~~
segfaultbuserr
".org" is almost the standard for all community projects, there will be huge
impact if the management went wrong.

~~~
yuz
What will be the impact?

~~~
patrickdavey
I run a tiny carpooling site (not for profit) snowpool.org . If they turned
around and upped the fees to 3K a year or something, it would basically force
me to shut the service down.

This is an incredibly awful move, I'm completely astounded that it was allowed
to happen.

~~~
chii
if there's money to doing something, it will happen.

Why not just move to a different domain, and while your old one is still
"cheap", do a redirect etc?

~~~
patrickdavey
Because I've built up a presence over 10 years of running the site, so, I'm
not just about to move! It'd be a huge pain to move probably hundreds of email
addresses over to a new domain etc too (I sign up with [domain]@snowpool.org)

It completely depends on what they do, I've renewed for 10 years so I have
time now, if they put the fees to >500 a year then I'll definitely move.

Do you own a domain yourself that people have been using for 10 years? You
might feel differently about the ease of "just moving"

------
carapace
As if this couldn't get crazier:

> Goldman Sachs & Co LLC. is serving as financial adviser to both the Internet
> Society and PIR.

[https://www.bizjournals.com/washington/news/2019/11/15/resto...](https://www.bizjournals.com/washington/news/2019/11/15/reston-
operator-of-org-domain-sells-to-private.html)

~~~
koheripbal
This is what they do - finance deals. This is as notable as saying Wells Fargo
issued their home mortgage.

~~~
carapace
Wells Fargo, eh? Your example is apt, but perhaps not for the reason you
intended (unless you're making a subtle joke, in which case I apologize for
not catching it.)

> This timeline charts the most significant events in the sales scandal that
> erupted at Wells Fargo [in 2016]

[https://www.fool.com/investing/2017/09/24/a-timeline-of-
well...](https://www.fool.com/investing/2017/09/24/a-timeline-of-wells-fargos-
sales-scandal.aspx)

> Wells Fargo(WFC)charged customers a monthly service fee to maintain a
> checking account that many customers assumed was free and the bank is
> mulling how to respond to people who feel cheated, according to the bank and
> sources familiar with the accounts.

[https://thecapitolforum.com/wp-
content/uploads/2019/09/Wells...](https://thecapitolforum.com/wp-
content/uploads/2019/09/Wells-Fargo-2019.08.28.pdf)

> Wells Fargo and an insurance company it worked with have agreed to pay $432
> million to settle a class-action lawsuit brought by customers who say they
> were charged premiums for auto insurance they did not need.

[https://www.newsobserver.com/news/business/article237666879....](https://www.newsobserver.com/news/business/article237666879.html)

IMO only fools and masochists would continue to bank with Wells Fargo.

Anyhow, Goldman Sachs have no business being anywhere near DNS or ".org" at
all, at all. They're a bunch of crooks who make Monty Burns look sympathetic
in comparison.

[https://en.wikipedia.org/wiki/Goldman_Sachs#Controversies_an...](https://en.wikipedia.org/wiki/Goldman_Sachs#Controversies_and_legal_issues)

------
tottenhm
I think it's fair to see private equity as red-flag, and I feel ideologically
aligned with the folks raising the alarm here. OTOH, the concerns raised
include a lot of speculation (in the form of "could do bad" or "has the power
to do bad"), and that's also a red-flag.

It's interesting to compare ISOC's blog
([https://www.internetsociety.org/blog/2019/11/the-internet-
so...](https://www.internetsociety.org/blog/2019/11/the-internet-society-and-
public-interest-registry-a-new-era-of-opportunity/)) and the followups like
EFF's blog ([https://www.eff.org/deeplinks/2019/11/nonprofit-community-
st...](https://www.eff.org/deeplinks/2019/11/nonprofit-community-stands-
together-protect-org)) and SaveDotORG
([https://savedotorg.org](https://savedotorg.org)). They touch on a lot of
similar themes of community and transparency - which, on paper, makes it sound
like there's some meeting-ground.

As an outsider to the discussion, questions would be:

1\. What are some specific problems facing the ".org" registration process for
which capital/investment would be helpful? (Obviously, there's no perfect
answer. But as an outsider, it looks like ".org" registration already works
about as well as anywhere else, so one needs some examples to animate the
problem.)

2\. Would any of these folks care to improve their engagement/trust with each
other? Talking more specifics about "Stewardship Council" and "Community
Enablement Fund" might help. Or is some reason for bad blood?

3\. What kind of track record does this private-equity shop have? Have they
worked with other non-profit or socially-oriented endeavors? Maybe some
founders/staff/customers can give some positive or negative testimonials?

~~~
cannonedhamster
They lied to get price caps removed on .org and then sold it amongst
themselves to profit. I'm not sure how you trust people that start with a lie.
Look into the history of how shady this really was.

~~~
tottenhm
Yeah, this comment
[https://news.ycombinator.com/item?id=21612033](https://news.ycombinator.com/item?id=21612033)
links to an article on the Register which gives a lot more substance to the
concerns/reactions. That deeper story helps to show where the mistrust comes
from.

From the peanut gallery, it looks like the ball is in ISOC's+Ethos' court to
demonstrate their good faith as stewards...

------
chrisblackwell
People. We are losing the Internet that we all love and care for so deeply. We
all need to rise up to fight for the freedom the Internet gives us.

------
phantom_oracle
I mentioned in my last comment about this being outright corruption by the
Americans involved.

Now it is time to mention the 1 positive that the USA has that other
countries(visibly) don't:

> The willingness and ability to sue as a collective

.org is a domain used by everyone from Wikipedia, UN, Debian and your national
dog shelter.

Private Equity cares only about one thing: making money. Anybody with a toe in
the finance world knows that these are the same people that will do "hostile
takeovers" to strip companies of their assets, pile on debt and push out a
sale.

A class-action lawsuit targeting the PE firm(or parties involved in the sale
of .org) and then pushing your State Attorneys to investigate these corrupt
individuals at a personal level _will_ have the desired effect that appeals to
the moral high-ground won't.

~~~
kijin
I wholeheartedly agree. Letters like this only work for congresspeople, and
even then only some of the time. For everyone else, lawsuits, injunctions, and
criminal investigations are much more effective deterrents.

------
bbanyc
In 1998 Jon Postel briefly "hijacked" the DNS root zone. Formal control over
DNS had always belonged to the US government, but Postel commanded such
universal respect from the internet community that they were willing to follow
him, as head of IANA, over the government contractor that "officially" ran the
root at the time.

This of course is why ICANN was created, to bring governance of the Internet
closer to the community that developed and maintained it. But now ICANN has
become just as remote and unaccountable as the bureaucrats and contractors it
replaced. And Postel is long gone, and the Internet community has grown so big
and fragmented that no one person will ever have anywhere near the towering
position he once did.

So now what do we do?

~~~
throwaway2048
Except at least the American bureaucrats were accountable to the Department of
Commerce, and ultimately elected officials.

ICANN is accountable to nobody, whatsoever, in any capacity.

~~~
bbanyc
Wilbur Ross is even less trustworthy than ICANN. Which is saying something.

------
hliyan
This feels unreal! How is this even happening? Domains are more like the
airwaves than a commercial product. How can they do this??

~~~
behringer
Just wait until you see what they have planned for the airwaves next!

~~~
umanwizard
TBH I’d be happy for the (AM/FM radio) airwaves to be privatized if it meant
getting rid of the absurd, antiquated rules about not being able to say
certain words in song lyrics.

~~~
kdtsh
That shouldn’t be necessary though, better regulation of a limited resource is
preferable to no regulation.

------
mikedilger
Existing .org domains they can't move without overwhelming disruption, so most
will just pay whatever it costs. But for the future, we need to move the
Internet towards having peering relationships with TLDs such as OpenNIC.net.

Motivations:

* This issue of .org being sold for profit

* The fact that OpenNIC had to rename their TLD domains (e.g. .free to .libre) when ICANN created a colliding .free domain, demonstrating clearly that they are not peers.

Internet technologies such as browsers and operating systems should recognize
ICANN and OpenNIC roots as peers, with DNSSEC to both. Should ICANN decide to
create a .libre domain, existing browsers and operating systems should
consider it a DNS attack and not recognize it. I think an organization like
Mozilla ought to (1) flesh out any technical challenges, (2) support OpenNIC
and (3) push for this.

~~~
duskwuff
OpenNIC is a poorly managed amateur project, built on shoddy infrastructure
that was thrown together in the early 2000s -- it's completely incapable of
acting as any kind of peer to the ICANN root. In particular:

\- Their resolvers are not consistently available. Many of them are hosted on
public cloud hosts (which also raises some questions about their security),
and outages are not uncommon.

\- It's not clear that they support DNSSEC, or that they have any plan to do
so.

\- The governance of the OpenNIC-specific zones that they offer is even
shoddier than the DNS root itself. Most of them have no registry/registrar
distinction, no domain transfer process, no WHOIS services, and sketchy to
nonexistent abuse policies.

\- Since OpenNIC TLDs cannot be resolved on the public Internet, it's
impossible to issue a SSL certificate for one.

~~~
mikedilger
Most of your points are valid. That's why I'm suggesting Mozilla support it.
It would be a lot less "shoddy" if someone shepherded it. I think it is the
right idea.

The last point is only true because they aren't recognized, which recognition
would immediately fix, therefore it is moot.

~~~
duskwuff
My concern would be that it's enough of a mess that Mozilla would have an
easier time building an equivalent project from the ground up than reshaping
this one into something reasonable.

I could be convinced that a community-based restructuring of DNS could be for
the better. But I don't think that OpenNIC is the right project to base that
around. The technical aspects of what they've built are not complicated, and
much of that would need to be changed anyway to operate at scale; good
governance is a lot harder to build.

------
jdkee
Again why does ISOC feel they have to do this? Are they starved for funding?
This sale directly contravenes several of the founding ideals of the Internet.

~~~
ohashi
Why did it happen entirely behind closed doors? No way they got this deal
together just after price caps were removed. Was this orchestrated beforehand?
Domain registrations for Ethos Capital pre-date the change and timing
coincides with proposed contract change to remove price caps.

What does Andrew Sullivan get for this move? Is Jon Nevett connected as well
considering his ties to Donuts which is connected to Abry Partners which was
managed by now Ethos Capital CEO?

So many questions, all this happening in shadows means we shouldn't give any
benefit of the doubt.

------
devit
How about getting the browser and OS makers together to use an alternate DNS
system?

It only needs Google, Mozilla, Apple and Microsoft to agree and ICANN can be
made irrelevant overnight.

~~~
hk__2
> It only needs Google, Mozilla, Apple and Microsoft to agree and ICANN can be
> made irrelevant overnight.

Of course not. The Web is only a small part of the Internet. DNS is used by
way more services than Web browsers.

~~~
Brian_K_White
But the value of preserving your existing address exactly, including .org on
the end, mostly only exists in browsers, where humans find things initially.

Actually, I bet by now it doesn't even matter that much even there any more.
Consider how the search in google already forms an effective alternative dns
for many actual humans attempting to manually go somewhere.

If you have a .org domain, you can change all the non-browser uses of the
domain pretty easily. The tools in the background of things don't care what
the names are. You can change them and it's really not that much of a
disruption.

Once someone finds your site, via their browser, you can populate that site
with whatever kinds of urls and directions and references you want. Just like
no one really cares how ugly and long all the urls to actual things other than
the front page are. Your site can include say, the directions to access your
API, and those directions don't have to say foo.org in them. Even existing api
users that break if you have to change your name, can react to that change
easily enough.

Email is probably the biggest problem. We will all simply have to never pin
too much dependency on any single email address. But we _already_ have to do
that, so no loss.

If you had set up your own domain so you weren't at the mercy of google
killing your gmail account and killing your ability to prove ownership of
everything else in your life, well you would just need to have more than one
email registered with everything like paypal etc. So me@mydomain.org can break
and you don't die from it.

You just better realize your domain is going to break and unregister those
emails everywhere before it goes into someone else's hands. Because when
someone else owns a domain, then they can receive all emails sent to any name
at that domain, including "reset password" mails.

It's not the most fun passtime, but it's not necessarily the end of the world
either.

It really is human interactive web browser usage where the exact name matters
most. So if cloudflare and google simply sent browsers to the right place and
ignored the traditional root authority for .org, or any other name lookup,
that would pretty much be good enough.

Google could do it already without even violating dns just through search
results.

------
shotashotshota
I don't understand why everything must "grow and adapt ...". Can't something
just stop evolving? Its not like its failing or something, we don't need
everything to do everything just be good - very good - at what you do.

------
matheusmoreira
This been in the making since the start of the year:

[https://www.namecheap.com/blog/keep-domain-prices-in-
check/](https://www.namecheap.com/blog/keep-domain-prices-in-check/)

[https://www.reddit.com/r/programming/comments/bi6gg5/help_ke...](https://www.reddit.com/r/programming/comments/bi6gg5/help_keep_domain_prices_in_check/)

[https://news.ycombinator.com/item?id=19769952](https://news.ycombinator.com/item?id=19769952)

[https://news.ycombinator.com/item?id=19763078](https://news.ycombinator.com/item?id=19763078)

[https://news.ycombinator.com/item?id=19752425](https://news.ycombinator.com/item?id=19752425)

[https://news.ycombinator.com/item?id=19747512](https://news.ycombinator.com/item?id=19747512)

------
0xcde4c3db
I've always been a bit confused by the relationships among government
agencies, ICANN, IANA, the registry-operating entities, etc., and this site
doesn't seem to explain _why_ the CEO of the Internet Society is the right
person to appeal to. Can anyone point to an explanation that summarizes the
overall flow of authorities and obligations involved here?

~~~
ohashi
Only entities who could stop this, ICANN (this is being pulled off by insiders
including former ICANN CEO). Internet Society - they did this deal in the
first place. And... who the hell knows? Could the US Government step in?
Maybe? They stepped back during Obama admin, I'm not a lawyer but someone
needs to step up and I've lost faith in both ICANN and Internet Society.

------
danielfoster
The entire domain system is a racket.

~~~
byuu
It always astounded me that for the longest time until only recently, you were
expected to pay additional money, more than the domain cost itself, for HTTPS
security (and if you wanted a wildcard certificate, substantially more money.)

I guess when the gTLD explosion didn't result in massive new profits for the
new TLDs (some are $100+/year!), the powers that be decided to focus on
existing TLDs instead where there's extensive decades-long lock-in effects at
play. No one needed company-name.ninja, but good luck giving up your company-
name.org to a squatter or worse, your competition.

------
Brian_K_White
Why can't we simply configure clients to use a phonebook we like, rather than
the phonebook we don't like?

Today, it's relatively easy to create something like a piece of software and a
db of alternative roots. And any clients which have that kit installed are
suddenly simply ignoring pieces of what the traditional roots say.

Yes it would be fractured for a while. But it's no worse than say, dns over
https, and the way say, you can't reach archive.is while your browser is using
doh, but can when you turn doh off. (unless they finally fixed that, but that
was the situation for a ridiculously long time after both cloudflare and
archive.is were made aware.)

We already have such things today, so might as well employ it as well as
suffer it.

~~~
robbya
As a website owner, how do I track down all the alternate roots I'd need to
register with? If each of those charge a fee, how much will I need to spend on
each root? If I need to perform an OPS task like flipping to a new external
load balancer IP, how many alternate robots do I need to coordinate with, and
how much testing do I need to verify each root is updated?

------
TomMckenny
It's amazing that .org avoided some powerful group injecting themselves as
rent seekers even this long. It's a pity we've decided to run society this way
generally.

------
squeezingswirls
I fully support any campaign against the .org TLD hijacking but it would be
good to know who's behind that savedotorg.org domain name. A whois search
gives me 'Registrant Organization: Data Protected'.

I'd like to know to whom are we giving our email addresses, and what are they
going to do with them?

~~~
SyneRyder
That could be due to GDPR. Some European registry companies believe GDPR makes
the collection and publishing of WHOIS data illegal.

ICANN is currently suing a Tucows company in Germany [1] over their refusal to
comply with WHOIS data collection, and ICANN published a Temporary
Specification that allows/requires every other registry to hide WHOIS data
globally pending the result of the GDPR court case [2].

Of course, that doesnt prevent savedotorg.org from posting their own "About
Us" webpage explaining who they are.

[1]
[https://www.icann.org/news/announcement-2018-05-25-en](https://www.icann.org/news/announcement-2018-05-25-en)

[2] [https://www.icann.org/resources/pages/gtld-registration-
data...](https://www.icann.org/resources/pages/gtld-registration-data-specs-
en)

~~~
squeezingswirls
Yes, an "About Us" page should be included on that site at least.

AFAIK GDPR protects personal data only, so if the savedotorg.org registrant is
an entity of any kind then it shouldn't be any problem publishing that info.

~~~
squeezingswirls
They've added an "About this site" page now. As I can't edit my previous
comment, I'll add the link here
[https://savedotorg.org/index.php/about/](https://savedotorg.org/index.php/about/)

------
jnwatson
I happen to live down the street from the Internet Society.

What could I do in person to emphasize the point?

~~~
thepete2
paint something with chalk on the pavement before their entrance? Harmless and
gets attention

~~~
orthecreedence
"greed.org"

------
davidu
This is essentially a hijacking of the DNS as far as I’m concerned. The sale
of .org is heinous; And I’m an unabashed capitalist.

There is absolutely nothing defensible about this move that I can see.

Is there any argument that this is beneficial to anyone except Ethos and
Internet Society? Is it even clear they have the right to sell it?

Has every person at ISOC submitted conflict statements? Are they willing to
commit to never benefit financially from Ethos controlled entities for 10+
years?

~~~
3xblah
"This is essentially a hijacking of the DNS as far as I'm concerned."

At the last NANOG, the keynote speaker described three instances where
companies have "hijacted" the DNS.

[https://blog.apnic.net/2019/11/04/dns-
wars/](https://blog.apnic.net/2019/11/04/dns-wars/)

The first "hijack" was Versisign wildcarding unregistered .com and .net
domains
([https://en.wikipedia.org/wiki/Site_Finder](https://en.wikipedia.org/wiki/Site_Finder)).
The second was OpenDNS redirecting Google searches to an OpenDNS proxy
([http://web.archive.org/web/20120518025819/http://www.opendns...](http://web.archive.org/web/20120518025819/http://www.opendns.com:80/support/article/111)).[1]
The third is the EDNS client subnet extension.[2]

1\. Acording to the keynote this led to the creation of Google Public DNS
"within 45 days".

2\. If I am not mistaken, OpenDNS was an early proponent of EDNS client subnet
adoption.

------
ccvannorman
TLDR: "Dear Mr Andrew Sullivan, even though you already had extensive meetings
and plans to sell and you are fully aware of the damage you'll cause, and have
decided instead to take the money and run, please reconsider."

Why would someone so greedy and tone deaf possibly give a damn about such a
letter? He's walking away a rich man and he already made his choice fully
knowing.

If you want to Save .org, abolish ICANN. It's time to take our medicine, ICANN
with no oversight has predictably led us to an internet controlled by greed
and corruption of a few wealthy elite.

Appealing to the greedy will get us nowhere.

We need to seize power, not to plead.

------
netfl0
Does any one have a source for the rationale behind the sale? I was surprised
it was even considered.

~~~
visiblink
Read this:
[https://www.theregister.co.uk/2019/11/20/org_registry_sale_s...](https://www.theregister.co.uk/2019/11/20/org_registry_sale_shambles/)

It appears to be a corrupt inside job.

~~~
netfl0
Wow, despicable. Thank you.

------
NickNameNick
At what point does the internet community simply decide to fork the DNS root?
I know it's a management nightmare, but the existence of an alternate root
would put a cap on the value of the existing one.

~~~
simlevesque
[https://www.opennic.org](https://www.opennic.org)

------
gorgoiler
Is there an effective direct action that can shake ICANN into some sense?

I don’t mean this as a serious suggestion, but as an example we could have a
“drop dot org” month where resolvers refuse to forward queries to the ORG
nameservers.

Not a great example because it would have a pretty negative impact on the
domain holders, and no impact on ICANN. Can anyone think of a better example,
equivalent to saying to ICANN “if you go ahead with this then we’re going to
boycott dot org in a way that makes it worthless”?

~~~
liveoneggs
Why do the resolvers need to follow what ICANN says to use for .org? They
could revolt if coordinated

------
tobias3
As a plan B. Is there any top level domain run by a non-profit where I can
switch to long term?

~~~
teddyh
If you mostly trust your local government, perhaps your national ccTLD would
be fine?

~~~
tobias3
Hmm, in my case this would be .de/DENIC. Seems to be organized as a
cooperative with those members: [https://www.denic.de/en/about-
denic/members/member-list/](https://www.denic.de/en/about-
denic/members/member-list/) So not very promising.

But .eu/EURid seems to be a non-profit.

------
joecool1029
I've found it curious that while there's a relationship to trademark for US
domains (the .com/.org/.net ones) in anti-cybersquatting law and UDRP, the
USPTO doesn't have a mechanism to tie a domain to a mark.

This would be useful if we could register our marks and tie it to a domain,
along with the standard application fee. At least for certain TLD's (.com
would be a good candidate).

FWIW, I have a long history of dragging registrars through the mud to get
clients' domains back. As of this time, I am in a dispute with GoDaddy over a
domain that was deleted because GoDaddy sells a 'business registration'
service. My client renewed this thinking it was for his expired domain,
GoDaddy updated the WHOIS nameserver records and the site came back online. 45
days after the initial expiration GoDaddy dropped the domain without notice
and a broker picked it up. I can't even go through UDRP on this because the
client never registered their trademark.

------
ddingus
There is no added value to justify doing this to .org.

It is rent seeking.

------
yabadabadoes
I think it is possible to do a "name drop" similar to a coin drop and either
change the accepted ending for .org or remove ICANN's authority over namespace
altogether.. One issue might be creating an acceptable authority for
certificate registrar's, so let's encrypt has an explanation of what domains
it confirms and how if not via the ICANN derived path.

------
damm
If everything is as corrupt as some throwaway states why build a new domain
registration system more free and open?

I know it's work however if done right (or better) a .org should be low cost
for a NGO and how about a decent non profit tld so they could have it lower
cost or free?

Sure it sounds hard but the automation and handling enrolling new domains is
the real work

------
danyork
For more information about this transaction, please see this post from one of
the Internet Society Board of Trustees members who voted for the sale (as did
they all unanimously) - Why I Voted to Sell .ORG -
[http://www.circleid.com/posts/20191127_why_i_voted_to_sell_o...](http://www.circleid.com/posts/20191127_why_i_voted_to_sell_org/)

------
arminiusreturns
When I ranted about how the transfer of DNS power under the Obama admin was a
bad idea and stuff like this would happen I got called a crazy conspiracy
theorist... I'm getting really tired of being right about bad things, the "I
told you so" is very hollow.

------
Iv
It is OpenNIC you need to petition, so that they accept to cause a schism on
the .org TLD

------
vkaku
I also think ICANN is a very corrupt entity now, with very bad governance at
the moment.

------
partiallypro
Serious question, what are the actual downsides of this, if any? Or is the
backlash due to the "private equity" being associated with evil? Doesn't seem
like anything is actually changing other than who issues .org?

~~~
tryptophan
It costs like 3$/year (or less probably) to register a domain name. But once
you build your brand/website/etc you are tied to your domain name, which is
tied to that registry.

This gives the registry huge leverage over you. That 3$ that it actually costs
them to run it can increase to whatever price they think you will be willing
to pay and you can't not pay it...you would lose your spot and identity on the
internet. Its not like with registrars, like godaddy, ghandi, bluehost, etc...
that you can switch between in like 24 hrs.

IIRC .orgs were price controlled, so the price couldn't rise, but with this
takeover, the price controls have gone away.

~~~
JonathonW
PIR currently charges registrars about $9/year per domain, with registrars
allowed to mark that up however much they want without restrictions-- AFAIK
neither the "wholesale" price nor the actual price from registrars is
currently price controlled by ICANN.

Regardless, I don't see how moving .org's operations from a non-profit (PIR)
to a private equity firm benefits anyone, except the owners of said private
equity firm. You're basically taking something that could operate at-cost and
giving it a mandate to turn a profit-- the only way that happens is if prices
go up. Likely a lot.

~~~
ohashi
PIR is already a rent-seeking organization designed to fund Internet Society.
They don't actually handle the registry at all. It's outsourced, they put it
out to bid. If you look at financials, they are paying <$2/domain.

Yes, ICANN granted a monopoly to ISOC in the form of PIR, who have been
allowed to increase prices consistently for years but at a capped rate. And
they wanted more. As costs have gone down.

Then everyone at ICANN talks about not being a price regulator and free
markets. Ignoring the fact it's a monopoly, and not one ISOC/PIR played any
role in creating, it was a gift from ICANN. A perpetual, no bid, contract with
ever increasing prices on a decreasing cost monopoly good.

------
Razengan
Half-baked idea for an alternative to domains:

Let every site have a UUID, kinda like TOR addresses, and let the host/servers
as well as users specify multiple human-readable shortcuts for that UUID.

So HN might get o4u20j4c9qwybv3u0p2hnxjq4k1n4vmcsvtvm2666kjn123 and no other
site should ever get the same ID until the heat death of the universe, and you
could access it by any name you want.

Something like that would be resilient to impersonation, takeovers, brand
renaming, and other issues.

~~~
PostOnce
you're describing ip addresses and domain names

~~~
Razengan
I'm talking about something akin to onion addresses:

[https://en.wikipedia.org/wiki/.onion](https://en.wikipedia.org/wiki/.onion)

------
shakethemonkey
Is there a reason why price caps on .org can't be restored?

------
ur-whale
One more argument for taking out name-to-IP translation entirely out of
"managing organizations" and moving it onto a fully decentralized blockchain.

------
r721
Related discussions:

[https://news.ycombinator.com/item?id=21592297](https://news.ycombinator.com/item?id=21592297)

[https://news.ycombinator.com/item?id=21582622](https://news.ycombinator.com/item?id=21582622)

[https://news.ycombinator.com/item?id=21557779](https://news.ycombinator.com/item?id=21557779)

------
fwxwi
Can't, like... the biggest DNS servers of the world just turn their backs to
the current management of .org and delegate that power to another entity?

------
swsieber
Time to have a collectively funded .ngo TLD?

~~~
ohashi
Already owned by PIR (which runs .ORG and is being sold to Ethos Capital).
Sorry, it's a group domain fucking. You're welcome - Ethos Capital, probably.

------
bouger
Perhaps the most likely way to stop the sale would be to make a competing
offer and outbid Ethos.

------
jacob-malthouse
Did a podcast explainer on this here:

[https://www.wholewhale.com/podcast/152-why-we-should-save-
or...](https://www.wholewhale.com/podcast/152-why-we-should-save-org-domains/)

------
unityByFreedom
Have to wonder if this campaign is just going to increase its value further.

Is .org really a valid way to verify legitimacy of a non-governmental
organization? Should we be looking for another solution here or is this the
right hill to die on?

------
diminish
Icannn is a corrupt organization as anyone inside knows.

------
christopoulos
Could we include .book while we’re at it? Seems like the handling of that TLD
went really wrong...

------
chmaynard
Has anyone checked to see how many for-profit corporate websites are using
.org? My favorite example is coursera.org.

------
jhales
Is it okay for startups not based in the `British Indian Ocean Territory` to
use `.io` for their domain?

~~~
umanwizard
Yes. Why shouldn’t it be? I genuinely don’t understand your argument.

------
jacob-malthouse
savedotorg.org campaign now over 6000 letters in under 36 hours. over 200k
visits.

------
vkaku
Done. I own a org site myself.

------
foxhop
I think I give up on the Internet that we know today. I'm too tired to fight
anymore. Monopoly ISPs with data caps, DNS rent seeking, the walled gardens,
the internet of shit where I cannot walk down my street without getting
recorded by every house with a "ring".

I'm done with it. I don't want to partake anymore, I don't want to fight it
anymore, I don't want to care anymore.

Let the Google's and Facebook's have the old Internet. I'm done with it.

The dream is over. The magic is gone for me. The old Internet is gone. Let
them have the rest.

Maybe then, and only then we will rise up like a Phoenix, with a solution that
cannot be stolen out from under us.

~~~
sieabahlpark
How about we just use different domains?

.org is gone, use .com or .net or any of the other hundred of domains.

~~~
Thorrez
When you have a site you want to keep it at that same domain, otherwise all
the links to your site around the internet will break.

------
sambe
I guess it makes sense to renew now for as many years as you can?

------
koolba
How much does it actually cost to run a TLD?

Even with the usual governmental bureaucracy overhead I bet it’s be a rounding
error. Seems a good fit for something like the UN to take over.

~~~
greggman2
No! I agree with you that it seems like it should be cheap but imagine the UN
ran it. China would veto ".tw" as just one example of the many problems with
government type entity in charge.

~~~
ohashi
Now China can simply buy Ethos Capital and run it. It's way cheaper than the
UN.

~~~
greggman2
I'm not arguing having Ethos Capital is good. I'm arguing the UN running it is
not a solution. (nor any likely government body for that matter who will
likely take down any organization they don't agree with)

------
exegete
I can’t visit the site. First there’s an SSL cert problem and when I bypass
that Verizon blocks it as malware.

~~~
Thorrez
What SSL cert are you seeing? The site seems fine to me, and the SSLLabs check
looks fine.

[https://www.ssllabs.com/ssltest/analyze.html?d=savedotorg.or...](https://www.ssllabs.com/ssltest/analyze.html?d=savedotorg.org)

~~~
exegete
I think the cert issue is because of DNS hijacking by my ISP so that they can
(falsely) tell me the site has malware. I can’t view the cert now that I’ve
made an exception to it.

------
mikorym
> the sale of .ORG

Wait, what???

------
_qhtn
Where should I mail a bomb?

~~~
dang
We've banned this account for repeatedly violating the site guidelines.

[https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html)

~~~
sgt
Seems like he posted a lame joke. The appropriate response would be for other
users to downvote him. I've seen his other comments and he'll regularly be
downvoted, but I think you're overreacting a bit. Perhaps you should stick to
making sure HN runs, and aside from that mind your own business?

~~~
dang
Note that word 'repeatedly'. When people post like
[https://news.ycombinator.com/item?id=20958824](https://news.ycombinator.com/item?id=20958824)
and
[https://news.ycombinator.com/item?id=20902321](https://news.ycombinator.com/item?id=20902321)
and ignore our requests to stop breaking the guidelines, we ban them. If we
didn't, the guidelines wouldn't mean much.

Sadly, it's my business to deal with flamewars, personal attacks, trolling,
and other abuses of HN. If flames are allowed to burn this place to a crisp,
HN won't be HN anymore. And eventually there wouldn't be anything worth
running or anyone to run it for.

~~~
sgt
I've gone through some more of his comments and found that you were absolutely
justified. Sorry for my remark.

------
celeritascelery
Watch the new private group that controls .org revoke their right to this
domain.

------
parhamn
Is $10 the magic number for 'orgs'? Say the PE raised it to $20, how bad would
that be? If it were $5 and doubled to $10 still as bad? Why is $10 the just
amount? What about orgs that can't afford that?

How high is it ok for the PE to go on fees? Why? (Tone is to point out how
arbitrary this all is, genuinely curious otherwise)

~~~
rocqua
They can hike without limit, and they can _target_ the hike. So they could
make wikipedia pay 10000 a year when they need to renew.

If they had all domains at the same price, price hikes would be much less of
an issue.

------
guywithahat
> This article was brought to you by the domain squatters lobby

But seriously I don’t see what’s wrong with this sale. There are no
restrictions on who can use a .org domain anyways, and the only people price
increases really affect are domain squatters (real organizations can afford
10x the current price without batting an eye). I don’t see what’s wrong with
this sale

~~~
csixty4
What exactly are "real organizations"? I can think of two long-lived NFPs in
my life that can barely afford hosting & domain registration right now.

------
jacob-malthouse
ISOC CEO does not consider the public reaction or petition significant. He
stated that a mere 10,000 signatures when there are millions of .orgs
indicates lack of public concern or any serious opposition to the deal.

Ethos Capital paid $1.135 billion for total, unconditional, purchase of the
PIR from ISOC.

ISOC just "grabbed the opportunity when Ethos presented it,"

ISOC have reviewed Ethos’s governance plans and approved them, but will have
no means to enforce compliance with those plans.

The deal must be approved by the end of the 1st Quarter 2021 or it fails. The
exact date is still confidential.

It must be approved by two bodies – ICANN and the Pennsylvania Orphans Court,
which is a specialist court for estates and trusts.

The PIR is incorporated in Pennsylvania and this court must approve changes in
the PIR charter in order for Ethos Capital to take ownership.

This is because “the Orphans’ Court judge is the ultimate defender and
protector of the fund in question, and the Orphans’ Court will protect that
fund and ensure that the fund is distributed to the correct beneficiary”

There is a good introduction to this court at
[https://www.skhlaw.com/pennsylvania-orphans-court-101-all-
th...](https://www.skhlaw.com/pennsylvania-orphans-court-101-all-the-basics-
you-need-to-know-before-venturing-in/)

This means that if the Pennsylvania Orphans Court has not reached a
determination by 1st April next year, or if that decision is being challenged
in a manner which delays implementation, the deal fails.

~~~
dang
You've created multiple accounts just to post on this issue. Single-purpose
accounts aren't allowed on HN, and neither is using the site for political
battle, even on an issue where the community is largely in agreement. Could
you please take a look at this reply I posted to your other account?
[https://news.ycombinator.com/item?id=21660175](https://news.ycombinator.com/item?id=21660175)

You're certainly welcome to participate as a community member, which means
following the guidelines at
[https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html)
and using the site as intended, for intellectual curiosity. But it's not ok to
use it as a platform for a cause, no matter how good a cause it may be.

Also, please don't copy/paste comments here. That lowers signal/noise ratio
and breaks the site guidelines, which call for curious conversation.

~~~
jacob-malthouse
Hey! Sorry about that. I was trying to learn how to use the platform on my
phone. :) Do you want me to delete the comments? Or can you delete them?

