
Securing Your Domain Against Seizure: Where Is Safe to Register a Domain Name? - Mizza
http://gun.io/blog/secure-your-domain-where-is-safe-to-register-a-domain-name/
======
kijin
UAE and Palestine? Seriously? UAE has a questionable track record insofar as
journalistic freedom is concerned. It ranks #112, below Liberia and South
Sudan, in RSF's Press Freedom Index. What if one of the Emirs is offended by
what I post on the site? Palestine ranks #153, not to mention you'd have to
take Israel into consideration when you do anything Palestine-related.

Gandi.net is an excellent registrar, but I'm not sure about them anymore since
they now operate in the UK and US as well. They even have a US-incorporated
subsidiary.

~~~
larrys
Agree. And all of this is ridiculous anyway. A non-issue for the vast majority
of startups who want to do something in the US. Think you're going to get
funding and grow your company with a foreign TLD doing something that the US
government might disapprove of?

Not to mention the fact that the entire OP is based on the way things are
TODAY and that assumes it's even accurate. Which of course it's not (just
taking your comment as one of many which makes an important point about UAE.)

Most importantly things in the political world can change overnight.

.ch is Switzerland which is great everybody thinks. Guess what? Check out the
way the Swiss caved into US demands on revealing those keeping money in swiss
bank accounts. Those accounts were secret for a very long time. Then that
changed.

[http://www.time.com/time/business/article/0,8599,1917648,00....](http://www.time.com/time/business/article/0,8599,1917648,00.html)

~~~
bo1024
> Think you're going to get funding and grow your company with a foreign TLD
> doing something that the US government might disapprove of?

The web's biggest sites right now (e.g. YouTube and Facebook) are doing things
the U.S. government doesn't approve of. They haven't been shut down ... yet
... but Megaupload has, and what's the functional difference between what
Megaupload does and what YouTube does?

My point is just that the way the U.S. gov't is going, no decent web
application is safe from being taken down. Anything with user-generated
content is basically wide open for seizure.

~~~
elithrar
> but Megaupload has, and what's the functional difference between what
> Megaupload does and what YouTube does?

The difference, at an organisational level, is that MegaUpload is run by a
very small team and is "foreign". Google/YouTube, on the other hand, is an
American company employing a number of Americans.

The majority of voters probably care little about MegaUpload (even if they
should care). But you can be sure they'd care if YouTube was shut down/the
domain seized.

~~~
larrys
What you said reminded me of an old saying. It goes something like this.

"If you owe the bank $10,000 and can't pay you have a problem. If you owe the
bank $100,000,000 and can't pay the bank has a problem".

Size matters.

------
redthrowaway
I take issue with the author's criticism of .is. They've recently told most of
the world to go fuck themselves, and one of their members of parliament is a
Wikileaks spokesperson. I'm thinking they're pretty pro-freedom.

~~~
lunarscape
As an Irish citizen I must admit I'm a little envious of how Iceland has faced
down the rest of the world, even if I don't agree 100% with what they did. I
think the authors criticism is primarily an economic one. Like Ireland,
Iceland is economically weak and can't afford to annoy major trade partners.
Would the government concede certain things if subtly threatened with
sanctions, even unofficial ones, over IP etc? Maybe, maybe not. Ireland
certainly would fold immediately.

~~~
justincormack
They didnt fold when the EU tried to get them to increase tax rates on
companies like Google and Intel though did they.

~~~
dublinclontarf
Yet.

------
rmk2
I think the article forgot its own criteria half way through...

> Countries with military mutual defense agreements (NATO, etc).

And then he continues to name both Sweden and Norway...Norway is a NATO-member
(though not part of the EU, just the EEA), and while Sweden is not a NATO-
member, it is an EU member state, which means it is involved in EU-defence
just as well...(and even though Iceland's economy has recovered well, they are
_also_ a NATO-member) Norway is definitely not militarily neutral, since they
have troops in Afghanistan.

He also doesn't give a definition for what a "small"-sized or a "medium"-sized
country is...

[edited for clarity/spelling]

~~~
drucken
Yes, I would not have thought countries gets much smaller than Iceland! :)

Small countries are a poor choice for many reasons, not least because too much
can change too quickly and it does not require much capital (monetary or
political) to capture such a state. Though, obviously, they can be useful for
redundancy.

That said, it could be the author meant the list more as optimization criteria
rather than a firm checklist. In which case, both the strongly-independently
wealthy Norway and the politically liberal and neutral Sweden, are not bad
choices.

~~~
rmk2
Oh, I agree, it's not so much that either country is a bad choice per se. And
pointing out that a country subject to various bilateral treaties might
provide problems down the road is also fair.

Just thought i'd point it out for those that might not know about their degree
of international collaboration.

However, especially Sweden is ambiguous at best in my opinion, given their
recently enacted strong wiretapping laws. They might not be a problem yet, but
they provide the basis for future trouble.

~~~
Gigablah
I disagree with the .sg suggestion too. Singapore is an ACTA signatory and the
government is in discussions with the MPAA for tougher IP legislation
([http://www.channelnewsasia.com/stories/singaporelocalnews/vi...](http://www.channelnewsasia.com/stories/singaporelocalnews/view/1176385/1/.html)).

Not to mention it's a "small" country (you can't get much smaller than an
island)

~~~
caf
Agreed, the author is clearly unfamiliar with Singapore - it's a highly
authoritarian country.

------
JBiserkov
How about .eu? An obvious choice for any European company planning to expand
beyond national borders.

EURid European Registry for Internet Domains) is a non-profit organisation
established by the European Commission is a consortium of three European ccTLD
operators: DNS Belgium (.be), IIT-CNR (.it) and NIC-SE (.se).

Am I missing something?

~~~
wilfra
Lots of online poker sites have been switching to .eu

------
drats
I think a distributed .alt where people can have a "backup" of their domain
would be nice. gun.io with gun.io.alt running concurrently on the distributed
system. It would be a nice reference to the alt.* Usenet split in response to
attempts to control it. The underlying technology and how to arrange it is
another question though. Edit: Mcantelon's reference elsewhere in the thread
to namecoin looks like a good start <http://dot-bit.org/Main_Page>

~~~
sneak
Repeat after me: NOBODY WILL EVER USE AN ALTERNATE ROOT. EVER.

It took over a decade to get everyone on the same page re: IPv6, and everybody
WANTS that. Be realistic. It ain't gonna happen, ever.

------
pessimism
Speaking of gandi, a while ago, I ran into some problems logging in to their
site, and I—finally—got this response from them by e-mail:

    
    
        Hello again pessimism,
        
        Our password field supports only passwords up to 16
        characters at this time. All longer passwords
        are truncated.
        
        If you have any further questions, please let me know.
        
        Sincerely,
        
        [redacted]
        Tier 1 Tech Support
        Gandi US
    

I checked in with @theharmonyguy who says this is a pretty bad thing, and I
originally intended to do an Ask/Tell HN post about it, but life got in the
way.

What are your thoughts on this and its implications for using gandi?

~~~
ceol
Speaking of their support, I can see why some people were avoiding Gandi
because of it. I'm trying to transfer a domain (from SWITCH, no less) and am
having issues. I emailed them a week and a half ago and heard back the next
day saying they were looking into it. Still nothing, so I sent another support
email two days ago and haven't heard anything.

They have the most TLD offerings of any registrar I've seen (sans Go Daddy) so
I'd hate to move away from them because of support issues, but I'm starting to
understand the complaints I've read.

~~~
pessimism
Their customer is _abysmal_. They never respond on Twitter—fair enough, other
registrars do, though—and it took four days to get a response to why I
couldn’t log in. I even had to go through weird escalations to higher “tiers”
of support.

If someone knows a good non-American registrar with a wide selection of
domains who also has two-factor authentication like Name.com, please let me
know. Until then, I’ll probably just postpone the domain purchases.

------
drucken
Interesting article.

Shame he did not cover or mention directly the highly popular .EU domain which
has no particularly strong requirements.

While individual EU countries may fall under the NATO/ECHELON agreements under
varying degrees of importance (Germany for example it is likely highly
irrelevant), internet infrastructure tend to be well-protected at the EU
level.

------
kgo
If you look at this as an uptime issue, it has the same answer as any other
uptime issue. Redundancy.

A single server isn't good for uptime because when it dies you're screwed. At
the next level, a single data-center only gives you so much uptime because if
that data center goes down you're screwed.

Same thing here. Any single TLD isn't safe for any number of technical and
political reasons. If you want to be safe, register multiple tlds with
multiple entities so you have redundancy.

~~~
pyre
Right, but your domain is your 'store front.' Depending on your customer-base,
you could lose out when it comes time to switch domains from example.com to
example.ca or example.co.au...

------
mcantelon
Non-centralized approaches like Namecoin will be more likely offer DNS
security than the establish approached.

------
twentysix
UAE, Singapore and Mauritius are all small countries. Singapore and UAE have a
cozy relationship with US and the media is heavily regulated and controlled by
the government in both countries. UAE even blocks Skype.

I dont think the top level domains of these countries are secure at all.

------
plainOldText
I have a curiosity. Would it be better to register a domain as a person or as
an organization? Are there any major differences in liabilities associated
with each entity? (And I'm thinking .ch and the like domains. I don't think
for .com would make any difference.)

------
codesuela
If you want a bulletproof registrar that doesn't bow under pressure and with
competitive pricing go for <http://internet.bs/> (yes they have their offices
in the bahamas). Also free whois protection is included AFAIK

~~~
justincormack
Unfortunately .bs reads as .bullshit to me.

~~~
Ecio78
This could be a plus, you can register reallno.bs :-) All jokes aside,
according to their site, .bs is not on the list of the available TLD you can
register with them

------
Nyr
Internet.bs is a good choice if you want a safe domain name registrar. They
are based in the Bahamas and the staff is composed by people from Europe and
South America.

Getting a "secure" swiss domain name with a registrar in the USA isn't
probably the best idea ;)

------
EGreg
Or simply register your own tld if you've got hundreds of thousands of $ lying
around :)

~~~
TazeTSchnitzel
What about .hax? :P

~~~
wisty
.pirate?

------
joejohnson
Can anyone explain why these domains are usually so much more expensive that
.com domains? I just looked at .se and most of those run almost $40/year. It
seems like demand would have .com domains priced higher than these cc-TLDs.

~~~
orjan
Then you have looked at the wrong registrars. Loopia[1], Binero[2] and
Crystone[3] all sell .se domains for around $15. (I'm not affiliated with any
of these companies),

[1]<https://www.loopia.com/domainnames/#prices>
[2]<http://www.binero.se/doman> [3]<http://www.crystone.com/domainname.aspx>

~~~
joejohnson
Ok, thank you!

------
ragmondo
How about... we start a kickstarter. Target 200k of which 185k is used for the
application for a gTLD and the remaining 15k is for setting up an INC or LLP
such that all those who have contributed can register as many domains as they
want for "cost" (whatever that works out to be).

Obviously the exact gTLD we chose is subject to a bit of democracy, voting etc
etc but I'm sure with a bit of an open forum then they'll be an interesting
debate.

------
mixmastamyk
I've got a .co on namecheap now. No controversial plans but curious as to how
safe it is.

~~~
vignesh_vs_in
Even i have got 5 domains with namecheap. As far as i know, there have been no
negative incidents with namecheap yet.

~~~
freejack
namecheap primarily operates as a reseller for enom. You'd be subject to 3
layers of policy (registry, registrar, reseller) + ICANN regulation + the laws
in the various jurisdictions. Find something cleaner if you are worried about
your domains. Complexity can lead to all sorts of finger pointing when
something goes wrong. And if that doesn't phase you, be sure you are
comfortable with the enom TOS as you'd likely be subject to that as well. (and
yes, I"m aware that NC has an accreditation, that said, most of their
registrations are held under and managed through enom's accreditation.)

------
tlack
This is a great resource. But where should we locate our actual application:
where should we host to avoid seizure?

------
kzrdude
I would go with anything .ch

~~~
sdfjkl
Worth pointing out that SWITCH doesn't permit whois "proxy/anonymizer"
services. Your real name and address is going to show up there (unless you
register under a company name).

------
vaksel
nowhere is safe...if you become a problem they'll eventually come for you

------
instakill
What about .co.za?

------
Ecio78
What about .to ?

------
shingen
A lot of this comes down to how badly the Feds want you. Another domain might
buy you a thin buffer of protection, but if you're doing anything that really
irks the US Government they'll go to great lengths to get you. They got the
Swiss to burn a lot of their treasured banking privacy customs just to flush
out off shore accounts. If you can get the Swiss to do that, you can get most
any country to seize a local domain with a fraction of the pressure.

~~~
zyfo
If you have particularly anti-US content, I would think .ru or .ch is a good
bet.

------
freejack
This is getting a bit silly. Unless you are running a gambling, torrent or
porn site, just get a .com and worry about more important things in your life.
Asset seizure is something that drug dealers, not startups, should be worrying
about.

~~~
drucken
So, Jotform (to name just a recent one) was running a "gambling, torrent or
porn site"? Right...

The only thing _silly_ here is not taking into account all business risks. US-
owned TLDs are very much now a risk.

~~~
freejack
Jotform was a victim of lax registrar policy and wasn't a seizure by the USG
or any of its agencies in any sense.

Using the Internet is a risk. So is crossing the street.

Your single biggest risk in registering a domain name relates to the business
practices of the registrar you choose. This has nothing to do with the
"nationality" of a TLD.

You also face risks associated with the policy of the TLD you register in, the
laws of the local government and the jurisdictions of the registrar, registry
and DNS provider you register with.

You also face a myriad of risks associated with the UDRP and various
intellectual property law.

You can either worry yourself silly with the boundary cases and outside risks
that I see most talked about in recent HN articles _or_ you can cover 99% of
your issues by finding yourself a good registrar (one with fair and reasonable
policies and practices) operating under a good government (one with fair and
reasonable laws and law enforcement practices) and register in a reliable TLD.
And then spend the other 23.5 hours in your busy day worrying about running
your startup or doing something else useful with your time.

