We should require all servers to have opennic DNS and opennic TLS certificates installed
shrugal@lemmy.world 1 year ago
A domain takedown was never able to shut a server down, not even with centralized servers. Most big services are accessible via multiple domains of different countries, and this would just disable one of them. But for the Fediverse that means that they also “disabled” an entire instance with all its users.
This actually shows us that relying on domains can be a problem for the Fediverse! Imo we need to upgrade the federation protocol to be able to handle these things, like propagating a domain change or migrating accounts to other instances.
original_ish_name@latte.isnot.coffee 1 year ago
WhoRoger@lemmy.world 1 year ago
I’ve been wandering why everyone has a domain on their instance, even if it’s a single-user personal thingy.
Perhyte@lemmy.world 1 year ago
Because you need a way to be reachable over HTTPS for other instances to be able to securely send you updates (new posts/comments/votes etc.), so you need a trusted certificate. While HTTPS does not strictly require a domain name^1^ it vastly simplifies the process.
^1^: It’s possible to get a trusted certificate for an IP address, but not nearly as easy as getting one for a domain. And it’s probably also more expensive than just getting a domain and using Let’s Encrypt to get a certificate.
WhoRoger@lemmy.world 1 year ago
Makes sense, thanks.
nintendiator@feddit.cl 1 year ago
Feels like this is the core key to be changed. Something like Debian’s packaging system for example, which doesn’t even need the Debian domain to be HTTPS.
themoonisacheese@sh.itjust.works 1 year ago
They don’t need it per se but there’s a reason apt-transport-https is a very popular package.
kratoz29@lemmy.world 1 year ago
How does this works then?