
Google .dev domain early access - jonseitz
https://domains.google/tld/dev/
======
willmadden
Alphabet has too much cash. They have a well established track record of
enthusiastically backing exciting new projects way outside of their core
competency just to dump them like hot garbage several years later.

They also compete in random new industries each time this happens.

It doesn't seem like a smart move to lease a domain from a politically active
mega-monopoly that might decide to randomly become your competitor in 2 years.

~~~
CydeWeys
Hi. I'm the Tech Lead of Google Registry, the team that is launching .dev (not
to be confused with the linked Google Domains, which is one of many registrars
selling .dev domains to end users).

You'll be glad to know that TLDs can't simply be discontinued like other
products might be. ICANN doesn't allow it. The procedures in place preventing
a live TLD from shutting down are called EBERO; more details here:
[https://www.icann.org/resources/pages/ebero-2013-04-02-en](https://www.icann.org/resources/pages/ebero-2013-04-02-en)

The way it works is that all registries must send daily full backups to a
third-party escrow provider, which are then used to restore the TLD under a
different operator if the original operator shuts down unexpectedly. This is
not some theoretical backup/restore procedure that goes untested; it's been
used in the past, e.g. with .wed:
[https://www.icann.org/news/announcement-2017-12-08-en](https://www.icann.org/news/announcement-2017-12-08-en)

But this typically only happens when the registry operator goes abruptly
bankrupt, and is thus quite rare. Many, many widely used TLDs have been
seamlessly sold/transferred across registry operators without you ever
realizing it, including .io last year. That would be the "worst" you would
expect from TLDs launched by large established players like Google. You
actually get a lot more protections with gTLDs than you do with ccTLDs (such
as .io), as ccTLDs aren't bound by contract with ICANN and thus aren't forced
to do EBERO, or anything else for that matter.

~~~
ldiracdelta
If I register a domain, can google boot me off it at a later year if they
don't like my politics? Or do I own the domain with the continuing option to
re-register it or transfer to another domain registrar? Does google ultimately
own the domains and simply lease them to me with no guaranteed option to
continue?

~~~
OkGoDoIt
Along those lines, if Google decides I’m a bot or nefarious developer as seems
to mistakenly happen on occasion judging from recent hacker news posts, will I
then lose my domain name? Or at least access to it? At this point tying any
major asset solely to a Google account feels risky.

~~~
toast0
I wouldn't lease the domain through Google domains. Use a different registrar
--- if possible, one that you'll be able to trust. That registrar will work
with the registry of the TLD, which would be google in this case, and has a
much better chance of actually resolving issues than if you were a direct
customer of Google Domains.

~~~
panarky
Now you have two entities who can fuck it up for you instead of just one.

~~~
benologist
While this is true there are very few reasons why a domain registrar will give
you a lifetime ban let alone automatically do it for some perceived TOS crime,
let alone refuse to tell you what your alleged misdeed was, let alone
automatically reject evidence you submit to the contrary and keep your
domains. Imagine the liability!?

Meanwhile someone got their Adsense account banned and in those cases Google
refunds the allegedly fraudulent revenue to the advertisers and do not pay you
the non-fraudulent revenue. The person who got banned went to court over it
because it looked like Google schedules these things to maximize how much they
could keep, Google fought for four years to conceal where the non-fraudulent
revenue went and then settled for $11 million to keep that shrouded in
mystery.

[https://www.searchenginejournal.com/adsense-
lawsuit/248135/](https://www.searchenginejournal.com/adsense-lawsuit/248135/)

Note the nobody who will say what happens to your domains when your account is
banned despite relevant Google personnel participating in this page, but they
have time to detail how we're covered by ICANN if Google with $106+ billion in
savings goes bankrupt in thousands of years...

They designed this awful system exactly the way they wanted it to work and
they choose to keep it this way, everyone else should probably not use them
for domains or web hosting in case yourself or someone associated with your
account is irreversibly judged to have committed a TOS transgression somewhere
within their empire.

------
whatshisface
A while ago, some posts on HN went around saying that you shouldn't use third-
world TLDs for your startup because some of them are unreliable stewards who
would put your domain at risk. Does registering a .dev domain make you
dependent on Google in the same way that registering a .ly makes you dependent
on Libya?

~~~
vtange
There was this one guy who lost a valuable Twitter handle due to him using his
custom domain email (via GoDaddy) as a login email.[0] I'd like to think
imagine Google is better than GoDaddy when it comes to security and fighting
social-engineering attacks but who knows. But if Google is a weak link
wouldn't that also mean all our gmails are not as safe as we think?

[0] [https://medium.com/@N/how-i-lost-my-50-000-twitter-
username-...](https://medium.com/@N/how-i-lost-my-50-000-twitter-
username-24eb09e026dd)

~~~
andrepew
I'd say Google would be one of the most resistant organizations to social
engineering by virtue of the fact that you can never really talk to an actual
human even if you are a legit user and want help on an issue.

~~~
bfdm
The ultimate "it's a feature, not a bug!" case.

------
xiphias2
,,.dev lets your clients know what you do before they even open your site.''

I hate the new trend of companies having multiple domains with different TLDs,
as I never know this way if it's the same company or not.

~~~
lucideer
I'm in favour of this trend for this very reason. One should never implicitly
assume you know it's the company you expect in any case.

~~~
stingraycharles
That’s a bit of a stretch, not? If I visit dev.somesite.com, I can reasonably
assume it belongs to the same owner as somesite.com. The same can not be said
about somesite.dev.

~~~
derimagia
Not sure I understand the point here, you're comparing subdomains to TLDs?

~~~
notyourwork
Yes because not everyone understands x.y.z and y.x are not owned by same
person.

~~~
kabacha
Should we design standards for the dumbest of the lot lol? Not everyone
understand that TLD is then maybe they should be educated rather than appeased
to.

Also it seems to be primarily USA's issue. Every other nation uses their
domain for internal websites (like cats.de) where's Americans tend to just
clump everything in `.com` and act all confused by simple TLD scheme.

~~~
notyourwork
I don't think a person qualifies as "dumbest" because they do not know what a
TLD is. Not everyone has to understand everything else in the world to be a
human and use it. Not everyone knows how to be a mechanic but lots drive
vehicles and fly in planes.

The issue with your generalization of America is flawed. The internet started
in America so "we" clumped everything into .com because we could. TLDs for
countries came as a way to organize and route better. A German requesting
amazon.com, should goto amazon.de. (This all happened before amazon and CDNs
and other things.)

It is ignorant to think a fundamental concept of domain resolution, TLDs is
something everyone should understand to use the internet. Do you know how your
cell provider takes a request to dial a number and resolve it to another
person across towers and potentially hard wired cabling? Most don't and they
all make calls.

------
Drdrdrq
> You can purchase an SSL certificate through one of our web partners or a
> Certificate Authority. Read this article to learn more.

Really? No mention of Lets Encrypt? Does anyone still buy certificates
nowadays, especially for dev sites?

~~~
byuu
I buy them. I don't like paying for them, but I want a certificate I know will
just work for years without having to run certbot or one of its clones on my
server. Well, that and LE didn't yet allow wildcard certs when I bought mine.
They've already dropped their maximum validity from three to two years though,
so I'll probably throw in the towel when they further reduce their validity to
less than six months.

~~~
mhaberl
Let's Encrypt certs are valid for 90 days.

There are 2 reasons: 1\. To limit damage from key compromise and mis-issuance
2\. To encourage automation.

What is the issue with running the certbot on your server? It's not like you
have to run it manually.

Here are official reasons:
[https://letsencrypt.org/2015/11/09/why-90-days.html](https://letsencrypt.org/2015/11/09/why-90-days.html)

P.S. Wildcard certs are available for almost a year now:
[https://community.letsencrypt.org/t/acme-v2-production-
envir...](https://community.letsencrypt.org/t/acme-v2-production-environment-
wildcards/55578)

~~~
kortilla
The issue might be executing 3rd party code on a server.

~~~
JulienSchmidt
ACME is an open protocol (and very soon it will be an IETF Internet Standard
too). There are many alternative implementations. Just find one you trust. We
actually did our own DNS-based implementation for our infrastructure.

~~~
byuu
I don't want to run someone else's code on my server just for this (the
default certbot wants root access too, yikes), nor do I want to analyze
someone else's implementation before running their code, and I sure as heck
don't have the time, patience, or interest to write my own implementation of
ACME just for the one service that uses it.

I want to go to a website, have it tell me to put a string into a meta tag or
DNS TXT record, and then save the key it returns on my box. Then I want to
forget about it for the next 2-3 years.

Honestly I don't even want to do that. I want my nameserver to generate a
DANE/DNSSEC record for me automatically, and for browsers to honor that. It
isn't like domain verification is any more secure than a DNSSEC record would
be.

~~~
JulienSchmidt
Take a look at [https://github.com/joohoi/acme-
dns/](https://github.com/joohoi/acme-dns/) (which of course still requires
trust in the client lib)

We do something similar, although not through a REST API. We handle all this
cert management centralized on one server, which publishes the DNS records for
DNS verification etc.

On our other servers is then just a simple script that periodically checks if
the certs on the machine are near the expiry date and if so pulls a new one
from the central system.

------
catern
This "early-access" price which decreases over time is an approximation of a
Dutch auction:
[https://en.wikipedia.org/wiki/Dutch_auction](https://en.wikipedia.org/wiki/Dutch_auction)

Dutch auctions are incentive-compatible - they allocate the resource to the
person that gains the highest utility for having it. Maybe Google got some of
the people working on ads auctions to design this pricing structure.

~~~
icebraining
Google has a long history with the Dutch auction, they used it in their IPO,
back in '04.

~~~
erikpukinskis
I remember people calling that a bit of a fiasco... was there anything
theoretically wrong with the application of a Dutch auction for that purpose,
or was it just that the underwriting community and their clients had every
reason to make the situation look bad?

~~~
jedberg
The price basically ended up being set by the underwriters because they big
players bought most of the shares and bid at the price they underwriters told
them to bid at. It wasn't really a fiasco, it just didn't accomplish what they
wanted.

------
4ad
I reserved unix.dev for the regular domain reservation price, not the crazy
"premium domain" price because unix.dev was not part of the premium domain
list.

However, Google determined that no, unix.dev should be a premium domain, and
"stole" the reservation from me (after I have already paid for it). They
_later_ added it to the premium domain list, and they asked me for $11k to
keep the reservation.

TBH, I expected to lose the domain because of trademarks or whatever, but
apparently it was simple highway robbery.

Btw, I didn't even get my money back, just "store credit".

~~~
toyg
And what were you going to do with unix.dev, if I may ask?

~~~
isatty
How is that relevant? Could be a porn site for all I care.

It is fair to claim it legally under copyright etc like the OP mentioned, but
otherwise, he paid for it and gets to do whatever with it.

------
bigend
There are quite a few Russian lastnames that end ”dev”, like Medvedev. I think
there is going to be quite a rush for these.

~~~
wtmt
There are also Indian (male) names that are just “Dev” or that end in “dev”.
The word means deity or god. There could be many Indians buying these when
early access ends on February 27.

~~~
lessname
"Dev" also means giant in turkish

------
unilynx
120KB of javascript and still the accordion doesn't open on OSX Safari.

~~~
dictum
I recently found out that the sidebar menus on pages within
[https://developers.google.com/web](https://developers.google.com/web) don't
work with JS off (usually a trivial thing: show sub-items by default and hide
them with JS). Almost every Alphabet website has something like that.

So yes, minor anecdote, and I genuinely appreciate the hundreds of Google
employees who really help the Web and share useful knowledge (and don't lead
developers into using techniques best suited for billion-user websites, as FB
often does) but I'll reserve to right to side-eye anything Google says.

~~~
tambourine_man
Not working with JS disabled is bad, but not working on a major modern browser
is ridiculous.

~~~
the_duke
Safari is the new IE8.

Every web dev I know bitches about it.

~~~
dmitriid
Every bad web dev bitches about it.

There's nothing about Safari that makes it "the new IE8". Ironically, the very
same HN that bemoans every new thing as "why should devs jump onto this shiny
new things, just slow down already" criticises Safari for not jumping onto
every new thing.

~~~
userbinator
_Ironically, the very same HN that bemoans every new thing as "why should devs
jump onto this shiny new things, just slow down already" criticises Safari for
not jumping onto every new thing._

HN is quite diverse and I'm pretty sure those are two disjoint sets of users.
(I'm in the former group myself --- not a fan of presenting information in
such a way as to decrease its accessibility while also increasing resource
usage.)

I bet I could make those accordion sections work in all browsers going back to
_IE5_ without much effort, and use nothing near 120KB of JS to do it... but
no, most "modern web devs" would rather pile on the bloat of their libraries
and "best practices" to make something that works only in the very latest
version of the one browser they personally use.

~~~
lazyjones
> _I bet I could make those accordion sections work in all browsers going back
> to IE5 without much effort, and use nothing near 120KB of JS to do it._

<summary>/<details> tags with JS polyfill is all you'd need.

[https://caniuse.com/#search=summary](https://caniuse.com/#search=summary)

~~~
userbinator
Your post shows the big difference in mentality that's partly responsible for
why we see so many broken sites --- I haven't ever used those tags before and
would just go for plain old DOM style manipulation with JS (which has been
around for a _very_ long time), whereas you started with something much newer
and took backwards-compatibility as an afterthought to be added on. Your
solution requires less initial effort (providing you knew about the new tags)
but then additional effort to work on older browsers --- that might not even
be done --- whereas my solution may take a little more effort initially, but
then naturally doesn't need any further considerations for backwards-
compatibility.

~~~
lazyjones
My mentality is to make the website usable without JS for most people (with
the reasonable effort of installing FF or Chrome at most), then use as simple
and compatible JS as possible if needed. Thus, old-style DOM fiddling isn't
the first choice - and if we're talking very old browsers, it was also tricky
to get right due to all the incompatibilities.

Why you think something would be broken when a polyfill is used as fallback, I
don't know.

------
have_faith
> A domain just for developers

> $11,500 for 9 days early access

Makes video games early access look like childs play.

~~~
Izmaki
It's a nice way to earn a bit of cash from larger companies who do not want
"company.dev" associated with porn or malicious content. Imagine if
"unity.dev" or "disney.dev" pointed to a cesspool of viruses.

~~~
bhartzer
There are icann rules for launching a tld. There is a period for tm holders.
Most companies are going to get their company.dev during the tm period. If
they don’t, three is always the udrp process.

~~~
johnchristopher
So big companies with big money won't have to shell out cash because there's a
TM period for them but smaller one got to buck out 10,000 bucks to prevent
cyber squatting ?

~~~
zanny
Welcome to the Domain Name System?

~~~
kabacha
Domain Name System is an absolute cancer and has always been this way.

------
pluc
The .dev TLD worked fine before it was bought. Now we have to use .test or
.local.

I don't get what Google thinks they'll get out of sponsoring putting sites
under development online.

~~~
jtreminio
If you've any developers on your team that use MacOS, avoid .local since it
does some listening on this for Bonjour:
[https://blog.scottlowe.org/2006/01/04/mac-os-x-and-local-
dom...](https://blog.scottlowe.org/2006/01/04/mac-os-x-and-local-domains/)

I believe .localhost is the "official" recommended TLD for local development.

~~~
cpburns2009
According to RFC 2602 [1],

> The ".localhost" TLD has traditionally been statically defined in host DNS
> implementations as having an A record pointing to the loop back IP address
> and is reserved for such use. Any other use would conflict with widely
> deployed code which assumes this use.

So it might work but it could be problematic if the intent is to use
".localhost" as a local network domain rather than just the local host.

[1]:
[https://tools.ietf.org/html/rfc2606](https://tools.ietf.org/html/rfc2606)

~~~
ameliaquining
.test, .example, and .invalid are also reserved by the RFC and don't have this
problem.

~~~
cpburns2009
> ".test" is recommended for use in testing of current or new DNS related
> code.

This one looks the safest and least prone to confusion.

> ".example" is recommended for use in documentation or as examples.

> ".invalid" is intended for use in online construction of domain names that
> are sure to be invalid and which it is obvious at a glance are invalid.

Both of these look problematic from a terminology standpoint, not a technical
one.

~~~
ekimekim
.test is also problematic for the purpose of hosting internal (but not
development/testing) domains on a private network.

There is a draft RFC to reserve .internal for this purpose, which I think
makes a lot of sense.

[https://github.com/wkumari/draft-wkumari-dnsop-
internal](https://github.com/wkumari/draft-wkumari-dnsop-internal)

~~~
takeda
.lan would be much better name.

~~~
ekimekim
An internal network might not be a LAN - for example, it might be a company's
entire internal infrastructure spread over three offices and a datacenter with
VPN.

------
dehrmann
When in doubt, racketeer.

I've been annoyed by how Google uses Adwords for a while; suppose you're
company in a competitive, undifferentiated space. I just searched for
"enterprise rental cars," and the first thing below the search box, an ad, was
for getaround.com. The second was an ad for Enterprise, the third was the
organic result for Enterprise. Google is effectively telling these companies
"You wouldn't want someone to happen to see a competitor first and click them
when they search for them, would you? Then pay up." That's a racket.

Same with this. They're inventing the demand for this TLD, then telling
developers to pay up if they don't want someone to take their name.

~~~
GordonS
You could make the argument with a lot of the (mostly pointless) TLDs that
have been released recently, such as .uk, which was a clear money-grab
targeting existing .co.uk owners, or .sucks, which feels like an attempt to
extort _all_ domain owners.

~~~
dehrmann
True. Also, the new TLDs have gotten out of hand to the point that ICANN
launching a new TLD has become noise. Their restraint has been so lacking that
I'm expecting punycode emoji TLDs in the next few years. If you thought .sucks
was bad, just wait for the poo emoji.

~~~
AnIdiotOnTheNet
Ugh. I wish I had something more insightful to say, but I read your comment
and audibly groaned, because I just know deep down that you're correctly
predicting the future.

------
iamleppert
I find it hilarious that most solo or indie developers (who they are
targeting, and the vast majority of developers) won't be able to get a .dev
domain judging by these prices. If they really cared, they would have some
program where they validated you were a real developer and actually put some
effort into screening out squatters.

Instead they have implemented a braindead dutch auction-style system that
ensures developers will not be represented fairly. The marketing and
implementation of this are out of touch and its doubtful this effort will be
successful.

~~~
kabacha
Really? Because starting feb 28th it's only 12$/year, that's lower than pretty
much any other decent TLD. Do indie devs really need the high demand domain
names?

~~~
iamleppert
When I think of 'developers' I don't think of corporations with a $12k budget,
sorry. What was cool about domain names back in the day was that anyone could
register them, and you could get a cool name as an individual. I realize
things are different now, and it's all about money.

It would be like Github launching a new web site and allowing 'developers' to
select their usernames on a first-come basis if they paid $12k for the
privilege. It's incredibly tacky and shows a lack of self-awareness on the
part of Google.

~~~
pedrogpimenta
Dude, 12 dollars a year. Not 12 thousand.

------
demarq
Google is such a big company, I find it bizarre they are trying to make money
in this way.

It would be interesting to know what they make at the end of the pre-sale.

~~~
ameliaquining
My guess would be that this isn't primarily about the money (there are
probably domains they could get more than $11,500 for), but rather about
allocating the most in-demand domains in a way that reflects how badly people
want them. A Dutch-auction-type thing like they're doing is a crude solution
to this problem, but if they just went straight to GA too much valuable real
estate would immediately be claimed by squatters and trolls.

~~~
xg15
The squatters defense is a good point - however, this also seems to ensure
that the megacorps get the best pieces before anybody else gets to choose.

If defending against squatters is the top priority, they could also make it an
application-driven process: Let people submit proposals about what they want
to do with the domains along with a link to their organisation and have some
group grant applications (preferably along some previously published criteria)

~~~
hombre_fatal
That sounds just as empty except now with massive human overhead for
processing applications that can pitch whatever they want. I'd even be tempted
to write up some bullshit to get a domain I want. What are they going to do,
research my details? You can barely get a human on the phone at Google even
when you're a paying customer.

Not to mention all the hurt feelings when someone's application is denied and
the domain stays undeveloped or becomes a terrible website.

Auctions seem unfair but money is an extremely simple system for allocating
finite resources. And it's not like you need a dictionary word domain name to
have an online identity. It's almost pure vanity.

------
sirn
I'm not familiar with ICANN rules, but I wonder if a company can do whatever
they want to a gTLD once it's accepted, even if it's not within the intended
usage in the gTLD application? As far as I know, Google said they registered
.dev for internal use and for Google-related products and it will be
completely closed to Google, according to their application[1]:

> The mission of this gTLD, .dev, is to provide a dedicated domain space in
> which Google can enact second-level domains specific to its projects in
> development. Specifically, the new gTLD will provide Google with greater
> ability to create a custom portal for employees to manage products and
> services in development.

> Charleston Road Registry intends to operate the proposed gTLD as a closed
> registry with Google as the sole registrar and registrant. The goal of the
> proposed gTLD is to allow Google to manage the domain name space for its
> projects in development. The proposed gTLD will provide Google with the
> ability to customize its domain and website names for its projects and
> signal to users that .dev websites are managed by Google

> Charleston Road Registry believes that given its intended use by Google, the
> .dev gTLD will best add value to the gTLD space by remaining completely
> closed for the sole use of Google.

…and now they're opening it up to the public... :\

[1]:
[https://gtldresult.icann.org/applicationstatus/applicationde...](https://gtldresult.icann.org/applicationstatus/applicationdetails:downloadapplication/1339?t:ac=1339)

~~~
sascha_sl
That application is bullshit. Everything in Google's network already uses
their pseudo-"goto" TLD.

I don't think they use any domains beyond the few used for the registry page
either.

~~~
CydeWeys
It's not a TLD, it's either a single-label hostname or a fully-qualified
subdomain (both will resolve internally, the former obviously won't resolve
externally but the latter will, you'll just get an auth error).

~~~
sascha_sl
Since you're apparently the head of Google Registry, can you tell me how many
.dev domains have been registered for (internal) use at Google?

~~~
CydeWeys
We're not in general availability yet, so not many. We're restricted in how
many domains we can self-allocate prior to it being launched.

------
c0llision
Damn, now I have to change my hosts file, I've been using .dev for local
development

~~~
sago
This is common, but sadly has always been incorrect.

.test is the TLD you want, specified by RFC2606.

~~~
eeeeeeeeeeeee
This seems like one of those anti-patterns that has been passed down by blog
posts and from engineer-to-engineer. I've seen this in almost every single
developer team I've been apart of.

Either way, like you said, people should be using .test so you don't have to
worry about future collisions.

------
Brendinooo
This may sound like an ignorant question, but since Google is pretty
aggressive about data collection:

If I buy a .dev domain, does that expose me to sending more data to Google?

~~~
profmonocle
They run the authoritative nameservers for .dev, so they'll have some
information about how much traffic your domain is getting, and from where.

Beyond that (and knowing you own the domain), running the registry doesn't
give them any more info than they already get about you & your domain from
their other services.

------
jasonbarone
Does anyone know how the “premium” renewal prices are set and governed? I’m
going through this right now with .app domains (also owned by Google).
Apparently domains categorized as “premium” have a much higher yearly pricing,
and how it’s priced is not specified anywhere on the registry website. I
called a few registrars and they said that the premium pricing is set by the
registry. What’s concerning is that the registrars admitted that there really
isn’t anything stopping the registry from increasing the premium pricing at
will.

Anyone have anymore info about this? Seems concerning that a registry has no
restrictions on what they can do with pricing after an individual has invested
into an expensive domain.

~~~
tedmiston
Are you saying the registry can arbitrarily change the .app domain renewal
price without control, or that they can charge a different renewal price for
different .app domains?

I've experienced weird price fluctuations with .io domain renewals in the
past, but haven't owned one in a few years.

~~~
jasonbarone
According to registrars, yes. So for example, let's say I paid $1000 for a
premium .app last year when they were released. Renewal price is marked for
something like $280/yr, which I didn't expect, because I thought the premium
pricing was an initial purchase price only. I thought the renewal price was
standard .app renewal rates.

When I called to clarify with a few registrars, they said that this premium
price ($280) is specified by the registry (Google), and that there's no
guarantee that pricing will stay at $280. I used a hypothetical, and asked
them if it were possible for Google to raise the price to something like
$1000/yr or $10k/yr, and they confirmed that there is technically nothing
stopping the registry from doing so.

~~~
towb
Yikes! My one was and still is $63.70/year. I wonder what makes a domain
"premium" anyway, and what makes it more or less premium? Never even seen a
live .app domain anyway so that sort of makes them not premium at all.

~~~
tedmiston
One criteria I've seen used to price domains as "premium" is shorter names and
popular dictionary words. Not sure if this is consistent across registrars,
but I would think "premium-ness" is established at the registry level.

It's unclear to me if premium-ness is a function of time, and/or if there's an
objective formulaic criteria here.

------
sschueller
How long until Google will start removing domains that don't fit their
"values"?

~~~
hobs
Surprise! Pretty much every provider has a terms of service.

~~~
prepend
Which registrars have TOS that allow removal of customers based on values?

~~~
judge2020
Every single one that says "we may terminate for any reason or no reason at
all". Gab was kicked off of GoDaddy because of what they allow.

------
40four
I don't know how this stuff works, what gives google the ability to sell these
domains early? Also why is everyone cursing google for taking their local
.dev? Google is not the only place you can buy these. Namecheap has .dev in
the works, and GoDaddy is taking pre-orders as well (I didn't keep searching
but I'm sure it's available at many other registrars), but nobody is cursing
and shaking their fist in the air at those services. So what does google have
to do with it? Why are we all holding them responsible?

~~~
bhartzer
Google is the registry and not the registrar. That’s why they are ultimately
responsible.

~~~
40four
Oh ok, I see the difference now. Thanks!

------
nisuni
How much did it cost to buy the TLD? Looks like a very good investment that
will repay itself quite easily.

~~~
snek
It costs USD$185,000 to submit a TLD application, and there are probably
additional costs beyond that.

~~~
bhartzer
Yes, you do need to hire a good domain attorney that is well versed in tld
applications.

Last time I considered a new tld you are looking at about $500k in total
costs, such as application, atty fees, and marketing fees.

That’s if it doesn’t end up in auction. Google paid $25m for .app, I believe.

------
ceejayoz
I was already irritated that they took the .dev TLD. This sort of blatant
money grab over it is simply gross. $8k premium to get in on the first day.

~~~
bhartzer
They didn’t take it. They applied, went through the process, and paid a
premium for it.

$8k for a domain is actually cheap compared to other premiums in other new
gtlds.

~~~
wolco
It's really cheap. Much cheaper to buy the .com/.net version.

------
opportune
I feel like if they're going to force https on .dev domains they should just
bundle certs with the domain itself. I like https as much as the next guy but
it's simply not necessary in many types of websites (e.g. a website with
documentation and third party binary links), and they're not making it as
painless as it could be to comply with their own rules

~~~
whatshisface
> _it 's simply not necessary in many types of websites (e.g. a website with
> documentation and third party binary links)_

I see debates about HTTPS as being a bit like debates about wearing pants in
public. "Technically, if a subway station is empty and the AC is working, you
don't have to wear pants." "You don't gain anything by wearing pants in a
deserted forest when the weather is nice." "Wearing pants is a lot of work,
and every day before putting them on I check to make absolutely sure that I
will suffer dire consequences if I leave them off."

In all of these cases, you are betting big that none of the situations will go
sideways for unexpected reasons (how sure are you that you have thought of
100% of the ways in which going pants-less in a subway station could get you
in trouble, and how sure are you that none of them will happen?), but the
reward for taking on that risk is almost nothing.

~~~
18pfsmt
I take your point, but to be fair, there is a cost to me for thinking in this
way where I better consider every possible action I take being offensive. I
have no malicious bone in my body, but I am certainly callous at times
(unintentionally).

------
obulpathi
What are some good use cases for a .dev domain? For example, .ai for
Artificial Intelligence, .io for startups. One thing that comes to my my mind
is .dev is good for developer tools and related projects. Any other projects
or products that .dev domain can be used for? Thanks!

~~~
JBiserkov
All kinds of (Russian?) names end with dev.

President Medvedev and Art Lebedev studio come to mind.

------
Roverlord
I've had .dev domains for years. (Internally with Apache, virtual hosts IIRC?)

It seemed like the obvious choice of suffix for my localhost experiments, and
I can't be the only person using it (e.g.
[https://headsigned.com/posts/setting-up-local-development-
do...](https://headsigned.com/posts/setting-up-local-development-domain-with-
apache-vhosts/)), will this new TLD break that?

I suppose I can always edit my hosts file but if I didn't know a new TLD was
dropping would it screw me silently?

~~~
PinguTS
You should never ever invent your own TLD for internal use. There TLD defined
for that purpose. Look at RFC2606.

[RFC2606]
[https://tools.ietf.org/html/rfc2606](https://tools.ietf.org/html/rfc2606)

------
EamonnMR
Is the gouge for early access normal for registrars with a new TLD?

~~~
ameliaquining
Yes.
[https://en.wikipedia.org/wiki/Landrush_period](https://en.wikipedia.org/wiki/Landrush_period)

------
bambax
All of those new gTLDs are pure racketeering. Sub-domains worked fine (and
still do!) for testing or development purposes. Or even company-dev.com

I fail to see what value there is in a .dev tld.

~~~
icelancer
> I fail to see what value there is in a .dev tld.

Then don't buy one?

~~~
bambax
Sure. I'm not really impacted. The racketeering targets big companies who need
to buy all domains in all tlds for all of their trademarks. It's disgraceful
but of course it's hard to feel sorry for large corporations.

Yet, Internet companies (like Google) who participate in this should lose a
little respect from everyone.

------
benatkin
Having used "sudo vi /etc/hosts" to add .dev domains, this gets no <3 from me.

I'm going to avoid buying one, but if there are any popular .dev domains I
hope I will forget about it before long. I don't want negative feelings from
this so often. On the other hand there are plenty of reminders of negative
things in politics and the environment, so I guess I've gotten used to it and
developed outrage fatigue.

~~~
eeeeeeeeeeeee
We have RFCs for a reason, so people follow predictable behavior everywhere.
And so you don’t build up a ton of work/customization and then suddenly have a
surprise like this. Worse, you embed that custom design into a system and then
leave and someone else needs to fix that mess.

.test is what you should have been using, precisely for this reason.

~~~
benatkin
Nope. Testing is a meaningful term in software development, and what I was
using it for doesn't entirely fit into my concept of testing. Much of it was
just development.

------
kemyd
You can only purchase on Google Domains if your billing address is in a
supported country (15 countries listed).

Would .dev domain be available from other countries?

~~~
CydeWeys
.dev domains will be available from many dozens of registrars, including most
likely the one(s) you're already using. You'll for sure be able to get one.

------
kemalg
It seems like some companies and individuals started to register their names
with .dev TLD. There are 573 registered .dev domain names now. You can see all
of them on dofo.com:
[https://dofo.com/search/?extension=dev](https://dofo.com/search/?extension=dev)

------
aboutruby
Pretty sure the first domains acquired will be targeted at local development
setups, like tmp.dev, staging.dev, production.dev, etc. etc.

edit: just a reminder that .local is the reserved one
[https://en.wikipedia.org/wiki/.local](https://en.wikipedia.org/wiki/.local)

~~~
wolco
I've been collecting country level three character long domains and using
them. I suggest everyone does the same.

~~~
jaflo
What do you use them for? Do you have any examples?

------
oaiey
I feel disappointed about the pricing. Shows a complete lack of understanding
of developers. Right pricing steps are
0,1,2,4,8,16,32,64,128,256,512,1024,2048,4096,...

~~~
j1vms
Unless those developers are working as team. Then they should be:

0,1,1,2,3,5,8,13,21,34,55,89,...

------
barbarr
Just to make sure, you can't get multiple domains with early access, right?

~~~
CydeWeys
You can get as many as you have money to pay for.

------
daxterspeed
If you're looking for a live .dev domain (for testing purposes etc)
[https://v8.dev/](https://v8.dev/) has existed since September 2018.

------
ksec
Speaking of Domain, I am still waiting for .Web. What happen to it?

~~~
judge2020
[https://icannwiki.org/.web](https://icannwiki.org/.web)

Looks like it's still proposed, not even delegated. Registrations usually
happen a few months after delegation depending on the registry's intentions.

------
vira28
Joining the bandwagon of anything from Google, be cautious. Do I really need
to be using this? Is there any alternative?

------
philip1209
I'm assuming some repos use .dev as a development domain. If so, then
enforcing HSTS could break a lot!

------
AznHisoka
Would it be wise to hoard a bunch of brand name domains in hopes they become
valuable?

~~~
bhartzer
Most likely the registry won’t let you buy trademarked domains if you can’t
prove you have the trademark. There is a period set aside for tm holders.

I would stay far away from any brand or tm domains at any time. You will
eventually lose the domain through a udrp. And you could likely get sued as
well.

~~~
r3bl
Only if both the company and the registry give enough of a shit. For example,
microsoft.ba has been sqatted since 2006.

Despite Microsoft having a presence in the country, they still can't get .ba
thanks to an incompetent registry in charge of .ba TLDs.

------
willart4food
Game theory at work! I like it.

Looking forward to have an AI-driven dynamic pricing platform.

------
sachinsmc
Now, I get it why they forced us to use .test or .local. Well planned.

------
bhartzer
I really actually hope Google decides to not index .dev domains/sites. It’s
crazy how many times have I seen a site in dev or staging that gets indexed by
google but shouldn’t be indexed.

~~~
hombre_fatal
That wouldn't make sense since the TLD isn't just for the staging phase of a
website. It's for anything.

------
chiefalchemist
Um. Wait? Didn't Google recently propose (effectively) an alternative to
domains? I realize that's a long way off, if ever. None the less $12k feels
excessive.

------
VikingCoder
I hope something nice lands at jaiguru.dev

------
simplecomplex
Why is this such a popular story ? There’s literally hundreds of new gTLDs and
they get released all the time.

------
PinguTS
Is this .dev only avaliable through Google Domains? WTH? Google Domains is
still not available in my country.

~~~
profmonocle
It's available through other registrars as well. Gandi is a European registrar
that supports it, for example.

------
mrbanks
Is everyone at Google fucking bored of the free massages so just makes stupid
shit like this?

------
_wmd
A domain just for developers! Until it abruptly shuts down Feb 19, 2021. Why
would anyone trust Google with something with any kind of long-term
requirements as important as a name? They should have registered ".chump"
instead, because that is really what users of a Google-managed TLD are
declaring

"Dear VALUED developer, thanks so much for being a part of the .dev
experiment! After a long hard period of staring at our shoes, we realized we
cannot extract sufficient value from our users in this manner. As of midnight,
your name will automatically be migrated to our newer, better, faster TLD,
.plus, the future of the open web"

~~~
gipp
Somebody makes this post on every HN thread involving Google now. But the
three big public deprecations I'm aware of are Reader, Inbox, and G+. All
consumer products. All the other stuff on that killed by Google site is stuff
I've barely even heard of, and all consumer products.

To my knowledge, no major GCP component has ever been deprecated. Am I missing
something? This seems like it has just become a groupthink HN meme at this
point.

~~~
ebg13
> _But the three big public deprecations I 'm aware of are Reader, Inbox, and
> G+._

Google Code. Also Wave and half a dozen chat apps, but Code was a serious one
that broke a lot of the developer web.

~~~
treis
>Google Code. Also Wave and half a dozen chat apps, but Code was a serious one
that broke a lot of the developer web.

What did it break?

~~~
Arnt
It hosted repos, and broke links to those repos and links within them. It also
broke processes that relied on the repo, e.g. automatic issue creation in CI,
but that's less serious.

URLs that change without good reason are a PITA.

~~~
rrdharan
They have a process for setting up redirects. They also provide read only
access to all public code AIUI:

[https://code.google.com/archive/about](https://code.google.com/archive/about)

~~~
ebg13
Setting up a redirect works _if_ you are the administrator of the
project...and are still alive. Migrating a project was simple _if_ it didn't
have a wiki. There are a lot of details that caused some real headaches. I
remember it being like a mini Y2k at the time, and there's no telling how much
we just collectively lost from it.

------
lichenwarp
$11,500 screams greed to me, how much money is enough?

------
everdev
localhost.dev should be fun

~~~
adtac
If someone ends up buying it, please set your DNS records to point to
something in 127.0.0.0/8

------
sascha_sl
Besides the usual disregard decency let's HSTS preload a TLD people have been
using for local development for decades...

This is terrible gatekeeping and I hope Google perishes soon. Wow. I can't get
over how fucking dumb this is.

This is the mark of a corporation filled with people that thinks putting a
price tag on supposedly scarce good early will deter bad actors. Clearly
everyone who thought this up has way too much money in their account.

~~~
fastball
If you've been using .dev for local development, that means you've either been
setting it in your hosts or using your own DNS server until now, which you can
continue to do with a .dev TLD.

~~~
jtreminio
Chrome requires an SSL certificate for all .dev hostnames.

~~~
delinka
if you have the technical savvy to be using .dev before the Google deployment,
you have the technical savvy to install an additional root cert for use with
Chrome.

~~~
ninkendo
That is such specious logic it’s kind of sickening.

I use TLDs like .dev exactly because it’s convenient. Not because I’m “savvy”,
and even if that were true, it doesn’t follow that it would be just as
convenient to set up a local CA.

Using `echo ip >/etc/resolver/dev` to have a custom dns server for everything
in the .dev domain is trivial. It’s one command. Getting a custom CA for all
of that is not.

~~~
delinka
One man's "convenient" is another man's "savvy." If you've got the technical
ability (you are 'savvy') to use this TLD, you've got the technical ability
('savvy') to use your own CA.

And I didn't say it would be convenient. The world doesn't revolve around your
convenience. I said you've got the ability to use a CA.

------
shereadsthenews
What will you build on .dev? A site so broken that it still has a horizontal
scrollbar no matter how wide the browser window.

~~~
fgkramer
Are you on a mac? 99% of times it's because of an external mouse connected.

edit: the css for the element that overflows has: `grid-template-columns: 50vw
50vw;` and based on the spec: [https://www.w3.org/TR/css3-values/#viewport-
relative-lengths](https://www.w3.org/TR/css3-values/#viewport-relative-
lengths), scrollbars are not taken into account, therefore as long as you have
a _forced_ scrollbar, the content WILL overflow regardless of your screen
size.

By forced I mean a scrollbar you cannot remove and that's not enforced by your
systems settings, you can clearly see this behaviour on mac if you toggle the
"Show scroll bars" setting to "Always".

Safari and webkit based browsers can avoid this issues with `::-webkit-
scrollbar{ display: none}` but it's not a cross browser solution nor a wise
decision to hide scrollbars overall.

~~~
LukeShu
I see it with Firefox on Arch Linux. No matter the size of the window, the
page seems to be a fixed ~16px wider.

~~~
ancarda
For me, if I resize to a narrow window (or zoom to 400%) it'll switch to
mobile view and the horizontal scrollbar disappears.

------
jmiserez
(removed)

~~~
cramforce
They can use a different TLD. One big benefit is that the literal TLD is in
the list (not every domain) keeping the size of the list O(1) instead of O(n)
as it is for other TLDs.

------
runjake
Not very equitable of them. You get in line in order of wealth.

------
tambourine_man
I'll never forgive them for competing with my hosts file.

.test is not as nice

~~~
gpm
You could replace it with .d, ICANN isn't giving out single letter tld's yet.

------
chinathrow
I hope they fail.

Google forced me to migrate my local .dev domains to .devo because Chrome
refused to connect to my localy configured domain names via /etc/hosts.

~~~
stingraycharles
Isn't this just as silly as wishing Cloudflare's public DNS fails because you
were using 1.1.1.1 as a development IP ?

~~~
gpm
\- Cloudflare 1.1.1.1 doesn't prevent you from using 1.1.1.1 as a development
IP, it just prevents you from accessing their service if you are. Google
preloading everything to the HSTS list prevents you from using it without
jumping through loops.

\- The IP address 1.1.1.1 as a public DNS has clear value to the public, DNS
IP addresses needing to be for 0-255 values that are memorable. .dev has no
real public value considering the plethora of other tlds.

~~~
m45t3r
> \- The IP address 1.1.1.1 as a public DNS has clear value to the public, DNS
> IP addresses needing to be for 0-255 values that are memorable. .dev has no
> real public value considering the plethora of other tlds.

Of course it has, TLDs that describes itself are valuable for some business,
and this is exactly what this seems to be about.

------
Latteland
I hate the very high prices for early access. This is anti-individual-
developer, pro big company, rich people.

I can see it's a way to let big companies save off their amazon.dev domain or
whatever. I think a much more preferable early stage practice would be to let
people who can authenticate their name let them get their name .dev. I've been
trying to buy my personal domain name for a while, a name squatter has been
sitting on it for years, they don't even answer their contact email. A second
domain that is commercial is also in a similar category. How do these
companies keep their domains and never sell them?

Someone like say JohnAkbar.com has to wait and hope another JohnAkbar or a
squatter doesn't get their name. I'm also jealous of people that have more
unique names. People get vanity urls or twitter handle like things with my
name and never use them. Sure, first world problem but

